Principal Cybersecurity GRC - Public Sector

Position Overview

Workday's Cybersecurity Governance, Risk, Compliance & Trust (cGRCT) team enables business agility while maintaining a strong security posture through intelligent risk-taking, optimized controls management, and iterative security governance. The cGRCT Public Sector pillar's mission is to enable and maintain Workday’s Public Sector offerings through certification, continuous monitoring, consultation, and deep stakeholder alignment. This role is a critical part of Workday’s GRC function and will work as a key team member leading the design, implementation, and assessment of Workday's US Federal offerings. You will play a vital role in ensuring continued compliance across public sector frameworks, assist in prioritizing future system changes, and manage the audit lifecycle for the FedRAMP program. You will lead security and compliance related interactions with Workday's Federal customers and advise internal business partners on risk and compliance requirements related to the product development lifecycle and other strategic organizational initiatives.

Company Culture

Your work days are brighter here. At Workday, it all began with a conversation over breakfast. When our founders met at a sunny California diner, they came up with an idea to revolutionize the enterprise software market. And when we began to rise, one thing that really set us apart was our culture. A culture which was driven by our value of putting our people first. And ever since, the happiness, development, and contribution of every Workmate is central to who we are. Our Workmates believe a healthy employee-centric, collaborative culture is the essential mix of ingredients for success in business. That’s why we look after our people, communities, and the planet while still being profitable. Feel encouraged to shine, however that manifests: you don’t need to hide who you are. You can feel the energy and the passion; it's what makes us unique. Inspired to make a brighter work day for all and transform with us to the next stage of our growth journey? Bring your brightest version of you and have a brighter work day here.

Important Candidate Information

Workday values our candidates’ privacy and data security. Workday will never ask candidates to apply to jobs through websites that are not Workday Careers. Please be aware of sites that may ask you to input your data in connection with a job posting that appears to be from Workday but is not. In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.

About the Team

The Workday Cybersecurity Governance, Risk, Compliance & Trust (cGRCT) team enables business agility while maintaining a strong security posture via intelligent risk-taking, optimized controls management, and iterative security governance. The cGRCT Public Sector pillar’s mission is to enable and maintain Workday’s Public Sector offerings through certification, continuous monitoring, consultation and deep stakeholder alignment. We act as a trusted advisor across Workday to help maintain and enhance our customer's trust through various global programs including UK Procurement Framework management, German C5, Australian IRAP, Japanese ISMAP, Canadian Contract Security inclusive of our Canadian Facility Security Clearance, FedRAMP and other RAMP-adjacent programs.

About the Role

The Principal Cybersecurity GRC - Public Sector role is a critical part of Workday’s GRC function and will work as a key team member leading the design, implementation and assessment of Workday's US Federal offerings. You will play a vital role in ensuring continued compliance across public sector frameworks, assist in prioritizing future system changes and manage the audit lifecycle for the FedRAMP program. You will lead security and compliance related interactions with Workday's Federal customers and advise internal business partners on risk and compliance requirements related to the product development lifecycle and other strategic organizational initiatives.

Requirements

Basic Qualifications: Senior Level

• 8+ years of experience in an equivalent governance, risk & compliance and/or related engineering role
• 5+ years direct experience with the FedRAMP and RMF assessment and authorization processes
• Security Clearance: TS/SCI with CI POLY (Applicants must already possess a valid and active TS/SCI with CI POLY security clearance)

Basic Qualifications: Principal

• 10+ years of experience in an equivalent governance, risk & compliance and/or related engineering role
• 5+ years direct experience with the FedRAMP and RMF assessment and authorization processes
• Security Clearance: TS/SCI with CI POLY (Applicants must already possess a valid and active TS/SCI with CI POLY security clearance)

Other Qualifications

• A solid understanding of the FedRAMP Framework and DoD Impact levels IL4, IL5 and IL6
• Bachelor's degree or equivalent experience

Responsibilities

• Lead the design, implementation, and assessment of Workday's US Federal offerings.
• Ensure continued compliance across public sector frameworks.
• Assist in prioritizing future system changes.
• Manage the audit lifecycle for the FedRAMP program.
• Lead security and compliance related interactions with Workday's Federal customers.
• Advise internal business partners on risk and compliance requirements related to the product development lifecycle and other strategic organizational initiatives.

Employment Type

Full Time

Location Type

Information not provided.

Salary

Information not provided.