Principal Cybersecurity Engineer - US Federal
About The Position
This role will support one or more direct or indirect contracts with the U.S. Federal Government which, due to federal government security requirements, mandates that all Workday personnel working on the contracts be United States citizens (naturalized or native). As a member of our Platform Security Engineering team, you will be responsible for the architecture, engineering, and maintenance of the systems that protect the Workday product. Operating entirely within AWS, you will treat "Security as Code," ensuring our Vulnerability Management, SIEM, and SOAR tools are robust, scalable, and automated. You are the primary engineering partner to our SOC, building the high-fidelity tools they rely on to keep our customers safe.
Requirements
- AWS Mastery: Deep experience architecting and engineering across Compute, Storage, Networking, and Security.
- Container Orchestration: Heavy hands-on experience with Kubernetes (K8s) and Docker , specifically regarding lifecycle management and security hardening.
- Software Engineering: Advanced proficiency in Python . We value a developer-first approach to infrastructure; if you’ve mastered Python, we trust your ability to navigate any scripting environment.
- Infrastructure as Code: Proven track record using Terraform (or equivalent IaC) to manage complex environments.
- AI-Augmented Workflow: You are proficient at leveraging AI tools to accelerate your daily output and problem-solving.
- Data Synthesis: Ability to distill complex technical data into clear, visual narratives for stakeholders.
- United States citizens (naturalized or native) due to federal government security requirements.
Nice To Haves
- CI/CD Expertise: Experience building or maintaining robust pipelines in GitLab CI, GitHub Actions, or Jenkins.
- EKS Specialization: Specific experience managing production workloads on Amazon Elastic Kubernetes Service .
- SaaS at Scale: A background in securing large-scale, high-traffic, customer-facing SaaS platforms.
Responsibilities
- Design and maintain the lifecycle of our core security stack (Vulnerability Management, SIEM, and SOAR) in a native AWS environment.
- Secure, manage, and monitor Kubernetes clusters and containerized workloads.
- Ensure our tooling scales alongside our containerized infrastructure.
- Use tools like Terraform, CloudFormation, or CDK to deploy and manage security infrastructure, ensuring our environments are version-controlled and immutable.
- Leverage Python to bridge the gaps between commercial tools. When a tool hits its limit, you build the integration or custom logic to fix it.
- Actively use AI tools and LLMs as a "force multiplier" to accelerate development, optimize code, and automate repetitive tasks.
- Transform complex security telemetry into actionable, visual insights. You’ll build dashboards that show our partners exactly where we stand and where the gaps remain.
- Work to integrate security tooling into the developer workflow, ensuring our engineering is as agile as the product it protects.
Benefits
- Workday Bonus Plan or a role-specific commission/bonus
- Annual refresh stock grants
- Comprehensive benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Principal
Education Level
No Education Listed
