Senior Cybersecurity Engineer

Your work days are brighter here.At Workday, it all began with a conversation over breakfast. When our founders met at a sunny California diner, they came up with an idea to revolutionize the enterprise software market. And when we began to rise, one thing that really set us apart was our culture. A culture which was driven by our value of putting our people first. And ever since, the happiness, development, and contribution of every Workmate is central to who we are. Our Workmates believe a healthy employee-centric, collaborative culture is the essential mix of ingredients for success in business. That’s why we look after our people, communities and the planet while still being profitable. Feel encouraged to shine, however that manifests: you don’t need to hide who you are. You can feel the energy and the passion, it's what makes us unique. Inspired to make a brighter work day for all and transform with us to the next stage of our growth journey? Bring your brightest version of you and have a brighter work day here.About the TeamWorkday is looking for a Sr. Cybersecurity Engineer to join our Crisis & Incident Management team. This is a critical security program that provides support to the entire Workday organization in managing security and privacy events.This includes following the Workday Incident Response plan, creating/reviewing playbooks based on need, ensuring all tickets are closed out in a timely manner, identifying opportunities for improvement or concerns with processes to the appropriate team, developing and reporting metrics, detailing processes related to security tooling, being available after regular work hours, partnering with peer organizations for developing and changing automation processes, continually improving our processes, and more.The Crisis & Incident Management team supports and partners with all departments and levels of the organization, working cohesively, effectively and also continually looks for improvements to minimize human involvement by creating and improving automation.About the RoleManaging and documenting all privacy and security incidents completely, on-time, with regular updates.Ensures all follow-up activities are conducted for investigations (e.g., policy updates, patching, etc.).Participate in internal/external audits and be able to clearly and concisely explain the programs both internally and externally.Escalate issues to leadership as required.Gather data, analyze and draft metrics reports, including department, project, key indicators, and dashboards.Primary contact for possible escalation of privacy and security incidents and events.Comfortable with being on-call and working past expected leave time if an issue should arise.Ability to quickly develop excellent working relationships with peers and key stakeholders such as business partners, legal, privacy, internal audit, risk, and technology specialists.Facilitate incident meetings effectively and efficiently.Recognize opportunities for improvement in areas of responsibility and take initiative to work with peers to implement changes or clearly communicate their findings, suggested solutions, and other relevant information to management.Ensure cyber security incident contacts (employees who help assist to resolve issues) and playbooks are kept up to date at all times.Comfortable running crisis level security events with minimal oversight.Develop automation in JIRA, Slack, Splunk, etc.Partner with peer security organizations, in supporting risk mitigation, assist with alignment of security standards, maintain all critical business operations, address issues in a timely manner, and work on program initiatives.Be able to speak on security topics across a wide variety of technical or non-technical audiences.About YouBasic Qualifications:Extremely high sense of responsibility and integrityBachelor’s Degree or higher in relevant field (e.g. Information Security, Computer Science)5+ years working in a cybersecurity organization.Exceptional written and verbal communication skills enabling effective articulation of issues both internally and externally.Ability to coordinate the activities outside of the Incident Management team.Ability to drive meetings to effective results.Confidence in addressing senior and executive management in a debrief situation.Demonstrate key critical behaviors:  commitment to task, communication, customer focus, decision making/problem solving, flexibility, and time management.Confident as a self-starter/working independently, as well as being able to work, give direction, and speak with many different groups of people at all levels of an organizationBasic information security and technical concepts knowledge.Think quickly on your feet when faced with time constraints and work with a sense of urgency.Extensive JIRA experience in creating automation, metrics, and integrations with various system tools Other Qualifications:CISSP is a plusTableau experience is a plus#LI-GS4#IJAre you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!