Workday Security Administrator (NCS) - BCIT

About The Position

Requirements

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
• Minimum 3-5 years of hand-on experience with Workday as a Security Administrator or Configurator or security related role.
• Proficiency in Security Information and Event Management (SIEM) tools (e.g.,Splunk, Microsoft Sentinel, and IBM QRadar) or Governance, Risk, and Compliance (GRC) tools (e.g., SAP GRC Access Control) for continuous monitoring and violation remediation.
• Understanding of network protocols, security concepts, and best practices for secure application and infrastructure design.
• In-depth knowledge of Workday security concepts including Role-Based Access Control (RBAC), Transactional Authorization, and Parameter Management.
• Strong understanding of network security principles, firewalls, and secure communication protocols (TLS/SSL, SAML, OAuth).
• Experience with Identity and Access Management (IAM) and privileged access management (PAM) solutions.
• Familiarity with database security best practices (e.g., Oracle Database Security, SQL Server Security).
• Ability to quickly assess complex security risks and design effective, pragmatic solutions.
• Excellent written and verbal communication skills, with the ability to clearly articulate technical risks to both technical teams and non-technical stakeholders.
• Proven ability to work effectively across functional teams (HR,Finance, Procurement) to understand business processes and translate them into secure technical controls.
• High degree of professionalism and integrity in handling sensitive City data.
• Proven ability to prioritize tasks and work on multiple projects simultaneously.

Nice To Haves

• Experience in the public sector or government environment is highly desirable.
• Workday Pro Platform Administrator Certification
• Workday Pro Security Certification
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Solid understanding of the Workday configurable security framework, security features and controls
• Ability to accurately collect information in order to understand and assess the clients’ needs and situation
• Working knowledge of HR/Finance information systems, data models organization structures, and roles
• Strong verbal and written communication skills to interact with functional and IT clients
• Comfortable enforcing adherence to security policies and practices
• Excellent problem-solving and analytical skills, with the ability to identify and address complex issues
• Effective communication and collaboration skills, with the ability to work cross-functionally

Responsibilities

• Design, implement, and maintain robust role-based access control (RBAC) structures, user authentication policies, and permission matrices within the Workday system.
• Develop and enforce Segregation of Duties (SoD) policies to mitigate financial and operational risk.
• Design and manage Workday landscape security, including client/instance hardening, transport security, interface security, and secure configuration of gateway and message server services.
• Apply security patches, updates, and configuration best practices to harden the Workday application.
• Configure and monitor security audit logs, critical transaction usage, and suspicious activity within the Workday system; respond promptly to security incidents.
• Serve as the primary security liaison for internal and external audits; provide evidence of compliance and implement remediation plans for identified control deficiencies.
• Ensure all Workday security policies and procedures align with City and regulatory standards (e.g., PCI-DSS compliance, GDPR for resident data, etc., if applicable).
• Conduct regular security scans, penetration testing, and vulnerability assessments of the Workday platform.
• Manage the end-to-end lifecycle of Workday user accounts, including provisioning, de-provisioning, access reviews, and emergency access procedures.
• Manage security groups for integrations and ensures the integration functions as expected and does not expose sensitive data due to misconfigured permissions. Maintains detailed records of integration security configurations for audit purposes.
• Configure and maintain integration with the City's identity management system for Single Sign-On (SSO) and Multi-Factor Authentication (MFA).
• Participate in change control reviews to ensure security policies and data privacy standards are aligned with City and regulatory standards.
• Create and maintain comprehensive security documentation, standard operating procedures, and runbooks for all Workday security controls.
• Engage with Workday TAM to stay updated on new security features within the application’s future roadmap and implement where possible.

Benefits

• medical
• prescription drug
• dental
• vision
• optional life
• AD&D
• FSA plans
• wellness programs
• support groups
• workshops