Workday Security Lead

Job Title: Workday Security Lead

Industry: Healthcare
Location: Boston, MA preferred, but will consider remote candidates in the following states: AL, FL, GA, LA, MA, MO, NH, OH, SC, TX, RI, MD
FLSA Status: Exempt

---

Overview

The Workday Security Lead is responsible for the strategic architecture, governance, administration, and optimization of the Workday security model. This senior-level role requires deep expertise in Workday security structures, including security groups, domain security policies, business process security, role assignments, and segregation of duties.

This individual will lead enterprise-wide Workday security initiatives, including role design, access governance, compliance, audit readiness, and long-term security roadmap planning. The role partners closely with HR, Finance, Payroll, IT, Compliance, and executive leadership to ensure solutions are secure, scalable, and aligned with regulatory and business requirements.

---

Key Responsibilities

<>Security Architecture & Administration

• Design and configure Workday security structures, including security groups, domain policies, and role-based access controls
• Oversee provisioning, deprovisioning, role assignments, and access governance processes
• Develop and maintain security frameworks, approval standards, and monitoring controls
• Ensure secure configuration, compliance, and governance across the Workday platform
• Manage security-related changes, including testing, validation, and production readiness
• Support Workday release cycles and coordinate security activities across teams

<>Governance, Risk & Compliance

• Lead security audits, segregation of duties (SoD) assessments, and control evaluations
• Establish standards for access reviews, documentation, and audit evidence retention
• Ensure compliance with regulatory frameworks (e.g., SOX, HIPAA, GDPR)
• Partner with audit and compliance teams on remediation and control improvements

<>Collaboration & Leadership

• Drive alignment across HR, Finance, Payroll, IT, and Compliance stakeholders
• Present security strategy, risks, and recommendations to leadership
• Mentor Workday security analysts and administrators
• Develop governance documentation, role design standards, and operating procedures

<>Cross-Functional Integration

• Coordinate security design and validation across integrated systems and functional areas
• Partner with cybersecurity, identity, and enterprise architecture teams
• Support system upgrades and ensure secure interoperability across platforms
• Standardize security reporting and access review outputs

---

Qualifications

<>Required

• Bachelor’s degree (or equivalent experience) in Computer Science, Cybersecurity, Information Systems, or related field
• 7+ years of experience in enterprise application security, including strong Workday security experience
• Expertise in Workday security models, role-based configurations, and access governance
• Experience leading security governance, audit readiness, and compliance initiatives in a regulated environment

<>Preferred

• Workday Security Administration certification and/or Workday HCM Pro
• CISSP, CISA, or related certifications
• Experience in healthcare or similarly complex, regulated environments
• Proven experience with SOX compliance or audit remediation

---

Key Skills

• Deep knowledge of Workday security groups, domain security, and business process security
• Strong understanding of access governance, segregation of duties, and audit controls
• Experience with regulatory frameworks (SOX, SOC, HIPAA, GDPR)
• Excellent leadership, communication, and stakeholder management skills
• Ability to design scalable, compliant, and sustainable security solutions
• Strong project management and problem-solving capabilities

---

Additional Information

• This role operates within a highly regulated healthcare environment and requires a strong focus on compliance, risk management, and data security
• Candidates should demonstrate the ability to design and maintain secure, scalable Workday environments aligned with enterprise strategy

CLIENT does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor.