Your work days are brighter here.At Workday, it all began with a conversation over breakfast. When our founders met at a sunny California diner, they came up with an idea to revolutionize the enterprise software market. And when we began to rise, one thing that really set us apart was our culture. A culture which was driven by our value of putting our people first. And ever since, the happiness, development, and contribution of every Workmate is central to who we are. Our Workmates believe a healthy employee-centric, collaborative culture is the essential mix of ingredients for success in business. That’s why we look after our people, communities and the planet while still being profitable. Feel encouraged to shine, however that manifests: you don’t need to hide who you are. You can feel the energy and the passion, it's what makes us unique. Inspired to make a brighter work day for all and transform with us to the next stage of our growth journey? Bring your brightest version of you and have a brighter work day here.About the TeamWorkday is using the latest software development and cloud technologies to build platforms and application services to support our growth while also ensuring the protection of Workday data and infrastructure.The Application Security organization is tasked with the delivery of technical solutions and standards in support of Workday's SSDLC program. We empower Workday's Product and Technology teams to rapidly deploy secure software!About the RoleDo you have a passion for security? In this role, you will be working with group of passionate engineers across a number of teams who are focused on the development and deployment of a robust set of application security tools and services. As Application Security Engineer, you are tasked with driving security into Workday's platform and ensuring software and services are designed and implemented with security in mind from the very beginning.We build and maintain security toolchains for Workday's application and service platforms with design choices tending to lean toward innovative technology stacks. Seamless integration of toolsets into service pipelines reducing security induced friction is one of our primary goals. The toolchains developed are a critical part of the shift left initiatives at Workday. You will have the flexibility of a hybrid schedule.About YouBasic Qualifications4-5+ years of experience in Cyber Security Engineering or Software Engineering or Public Cloud PlatformExpertise in Python or Java scripting plus API integration experienceExperience with security frameworks, such as NISTExperience with public cloud technologies, GCP and/or AWS preferredBachelor's degree or higher in relevant fieldsOther Qualifications Experience with one or more of the security tools commonly used in development pipelines e.g. SAST, DAST or IAST tools, Fuzzing tools, Twistlock, Snyk, Hashicorp VaultAt least one modern programming language alongside your Python knowlegde e.g. Golang, Ruby, Java 8+, Scala, Rust, JavaScriptExperience analyzing threats and vulnerabilities to determine security impactExperience creating shared libraries or services to be consumed by other internal teamsBuilding Dockerized applications, and container orchestration in public and private cloudsExperience in developing, deploying, and supporting security specific solutions including the automation of repeatable security tasks and controlsAre you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!
View Original Job Posting