Your work days are brighter here.At Workday, it all began with a conversation over breakfast. When our founders met at a sunny California diner, they came up with an idea to revolutionize the enterprise software market. And when we began to rise, one thing that really set us apart was our culture. A culture which was driven by our value of putting our people first. And ever since, the happiness, development, and contribution of every Workmate is central to who we are. Our Workmates believe a healthy employee-centric, collaborative culture is the essential mix of ingredients for success in business. That’s why we look after our people, communities and the planet while still being profitable. Feel encouraged to shine, however that manifests: you don’t need to hide who you are. You can feel the energy and the passion, it's what makes us unique. Inspired to make a brighter work day for all and transform with us to the next stage of our growth journey? Bring your brightest version of you and have a brighter work day here.About the TeamWorkday is looking for a highly motivated and dedicated Sr. Cybersecurity Engineer to join our Data Loss Prevention (DLP) Security team. The ideal candidate must demonstrate a comprehensive understanding of enterprise DLP, have the technical skills to independently research and address technical issues and handle events, and be experienced collaborating in a distributed team.This includes detailing processes and procedures related to security tooling, partnering with peer organizations for changes, developing robust security controls, assisting with active security events, participating in on-call rotation, continually improving operating methods, and more. As part of the Operational Technology Security organization, the DLP Security team supports and partners with multiple teams across the business, including the wider Security organisation, Business Technology (BT), Legal & Compliance, Internal Audit, etc.About the RolePrimarily responsible for running day to day enterprise operations including, but not limited to:Conducting analysis and trending of events detected from endpoint security solutions, SaaS solutions, email DLP, and other security applications.Prioritising and handling raised DLP alerts and security events.Defining custom rules and tuning existing rules, policies, alerts, etc. based on partner needs or situational conditions.Aggregating DLP data and developing performance indicators for measuring the efficiency of the DLP solution, related rule efficacy, and security controls.Developing new, and enhancing existing, procedures to improve operational efficiencies, and reporting accuracy.Regularly reviewing BAU processes to ensure they are fit for purpose.Defining and implementing process and technology improvements related to preventing unauthorized disclosure, modification, removal, or destruction of information.Monitoring the use of DLP solutions and ensuring a consistent process of improvement is in place.Maintaining awareness of emerging threats to data protection, system integrity, and network availability.Conducting threat hunting exercises using existing security applications.Analysing reports from DLP tooling and providing relevant metrics to senior management.Running deployed DLP technologies and their integration points with Configuration Management Database (CMDB), email infrastructure, SaaS environments, LDAP (e.g. Active Directory), etc. About YouBasic Qualifications (Senior)Bachelor's degree or higher in a relevant field.4+ years of experience in a DLP or cybersecurity engineering operations role.Experience detecting and responding to cybersecurity incidents in an Information Technology environment.Deep technical knowledge of DLP architecture, system policies, rules, etc.Solid understanding of data classification concepts and processes;Experience creating regular expressions.General knowledge across common IT security fundamentals, such as networking, network security, servers, applications, email gateways, cloud environments (AWS, Azure, etc), systems, data protection, and SaaS products.General knowledge of operational security tools such as: email protection systems, privileged access management, hardware authentication devices, next-gen antivirus, multi-factor authentication solutions, etc.Familiarity with NIST CSF and ITIL standards.Basic Qualifications (Mid-Senior)Bachelor's degree or higher in a relevant field.2-3+ years of experience in a DLP or cybersecurity engineering operations role.Experience detecting and responding to cybersecurity incidents in an Information Technology environment.Technical knowledge of DLP architecture, system policies, rules, etc.Solid understanding of data classification concepts and processes;Experience creating regular expressions.General knowledge across common IT security fundamentals, such as networking, network security, servers, applications, email gateways, cloud environments (AWS, Azure, etc), systems, data protection, and SaaS products.General knowledge of operational security tools such as: email protection systems, privileged access management, hardware authentication devices, next-gen antivirus, multi-factor authentication solutions, etc.Familiarity with NIST CSF and ITIL standards.Other QualificationsCISSP, Security+, or relevant security certifications are a plus.Demonstrable understanding of Splunk searching and reporting capabilities.Strong organizational, multi-tasking, and time management skills.Ability to analyse technical information from various sources.Strong verbal and written skills to successfully communicate technical details and thoughts through non-technical terminology to various levels of managementWork well in team environments with internal and external resources, as well as work independently on tasks.Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!
View Original Job Posting