Reporting to the Manager, HRIS, the HRIS Security & Compliance Analyst safeguards the integrity, confidentiality, and availability of HR Technologies and employee data. Is responsible for administering system access, monitors compliance with internal policies and external regulations, and partners with HR, IT, Legal, and Risk and Audit teams to ensure secure and compliant HR technology operations. Serves as the subject matter expert for Workday security assignments, policies distributions and updates, risk mitigation, and data governance best practices. The role also proactively identifies risks, recommends process improvements, and contributes to the overall security strategy, ensuring the Workday environment remains secure, compliant, and well-governed.
ESSENTIAL DUTIES AND RESPONSIBILITIES1. Security Administration Responsible for HRIS security administration, including user access management, role-based permissions, security documentation, change controls, and security enhancements across platforms like Workday, Kainos, and SharePoint. Configures and maintains Workday security roles and domain policies to ensure users have the appropriate access needed to perform their responsibilities while upholding compliance and least-privilege principles, leveraging advanced experience to troubleshoot complex security model issues and guide stakeholders on secure design decisions.
2. System Governance & Controls Conducts ongoing security governance activities such as access audits, segregation of duties reviews, compliance checks, and monitoring for unauthorized activity or policy violations with the ability to independently lead recurring governance cycles and interpret control requirements with minimal oversight. Partners with IT Security and cross functional teams to maintain HRIS security standards, validate secure integrations, support system upgrades/releases, and ensure alignment with enterprise cybersecurity frameworks.
3. Compliance & Risk Management Ensures regulatory and enterprise compliance (e.g., HIPAA); supports internal/external audits; manages data privacy, retention, and governance standards; and identifies and mitigates security risks.
4. Training & Stakeholder Support Partners with stakeholders to prioritize and execute security enhancements, collaborates with cross functional teams to ensure consistent compliance across HR operations, and educates HR and business users on data privacy, security protocols, and best practices, drawing on expanded expertise to advise leaders on governance impacts.
5. Performs other duties as assigned to support the e?cient operation of the department.
EDUCATION, EXPERIENCE AND QUALIFICATIONS- Bachelor's degree in business, Information Systems, HR Technology, Cybersecurity, or related field required.
- Minimum two (2) years of hands-on Workday experience, with Workday Pro certification is preferred. Proficiency in Workday HCM Core, Security or Reporting is required.
- Minimum two (2) years of hands-on experience in a technology governance and compliance function required.
- Related, relevant, and/or direct experience may be considered in lieu of minimum educational requirements indicated above.
KNOWLEDGE, SKILLS AND ABILITIES (KSA)- Technical Proficiency & Analytics: Advanced knowledge of Microsoft Excel is required, with proficiency in MS Teams and PowerPoint preferred. HR data management and security audits are essential. Proficiency in writing and reading Workday audit reports are required.
- Project Management & Communication: Strong project management skills with the ability to prioritize multiple tasks effectively. Exceptional written, verbal, and interpersonal communication skills to collaborate across teams and business partners.
- Personal Qualities & Work Ethic: Self-motivated and highly organized individual with a customer-focused mindset, able to work accurately under pressure and deadlines. Demonstrates critical thinking, confidentiality, and independent judgment in a dynamic work environment.
- Risk Assessment & Critical Thinking: Ability to evaluate and prioritize real risks by identifying gaps, judging severity, and applying least-privilege, zero-trust, and secure-by-design principles to distinguish meaningful threats from procedural noise.
- Analytical & Investigative Skills: Able to ask the right questions or dig into logs, configurations, and documentation to spot inconsistencies or missing controls while maintaining consistency across multiple audits.
- Ethical Judgment & Integrity: Able to handle sensitive information responsibly; remain objective and unbiased; and know when to escalate issues appropriately.
LICENSES, CERTIFICATIONS AND REGISTRATIONS- At the discretion of the San Manuel Tribal Gaming Commission, you may be required to obtain and maintain a gaming license.
- No Driving Responsibilities: Role does not require a driver's license or insurance.
PHYSICAL REQUIREMENTS/ WORKING CONDITIONS - ENVIRONMENTThe physical demands and working environment described here are representative of those that an employee encounters and must be met by an employee to successfully perform the essential functions of this job.
- Primary work environment is in a climate-controlled office setting.
- Work requires travel to attend meetings, trade shows, and conferences.
- Incumbents may be required to work evening, weekend and holiday shifts.
- Must be able to work in a fast-paced, high-demand environment.
- Strength sufficient to exert up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects and/or move up to 40 pounds occasionally.
- Sedentary work: involves sitting most of the time. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer.
- Physical activities that apply to the essential functions of the position are balancing, stooping, kneeling, crouching, reaching, pushing, pulling, lifting, grasping, talking, hearing, and repetitive motions.
- Hearing sufficient to hear conversational levels in person, via videoconference and over the telephone.
- Speech sufficient to make oneself heard and understood in person, in front of groups, in meetings, via videoconference and over the telephone.
- Visual acuity that meets the requirements of the position: The worker is required to have close visual acuity to perform an activity such as preparing and analyzing data and figures; transcribing; viewing a computer terminal; expansive reading and visual inspection of employees, visitors or facility.
- Mobility sufficient to safely move in an office environment, walk, stoop, bend and kneel, and enter, exit and operate a motor vehicle in the course of travel to promotional events, meetings, conferences, trade shows and San Manuel properties.
- Endurance sufficient to sit, walk and stand for extended periods, and maintain efficiency throughout the entire work shift and during extended work hours.
- The employee may be exposed to fumes or airborne particles including secondhand smoke.
Reasonable accommodation will be made in compliance with all applicable law.
As one of the largest private employers in the Inland Empire, San Manuel deeply cares about the future, growth and well-being of its employees. Join our team today!
Never miss an opportunity! Create an alert based on the job you applied for.