Contribute to Workday’s cybersecurity compliance posture by leading and executing critical Cybersecurity Governance, Risk, and Compliance (cGRC) initiatives. Develop and maintain cybersecurity compliance frameworks, policies, and procedures to ensure adherence to global regulatory compliance requirements, particularly the Network and Information Security Directive (NIS2), Digital Operational Resilience Act (DORA), Security of Critical Infrastructure Act (SOCI), and Cybersecurity Resilience Act (CRA). Enable and maintain Workday’s Public Sector offerings through certifications, continuous monitoring, consultation, and deep stakeholder alignment. Act as a trusted advisor across Workday to help maintain and enhance customers' trust through various global compliance programs, including UK Public Sector Procurement Frameworks (G-Cloud and Back Office Software frameworks) and cybersecurity certification schemes such as BSI C5 (Germany), IRAP (Australia), and ENS (Spain). Conduct strategic analysis of Workday's control and technical landscape to identify automation opportunities for the GRC team, evaluate the potential of AI-driven efficiencies, and assess the ROI of GRC automation tools like OneTrust and TrustCloud. As part of the Shift-Left initiative, leverage a deep understanding of Workday's SDLC, LaunchPad, and Secure Development Engagement Lifecycle processes to integrate cybersecurity control requirements, ensuring streamlined audit readiness and driving process optimization.
Job Type
Full-time
Career Level
Principal