Workday’s Cybersecurity GRC team is responsible for protecting the confidentiality, integrity, and availability of customers' sensitive data while ensuring compliance with contractual and regulatory requirements
Job Summary
Workday’s Cybersecurity GRC team is responsible for protecting the confidentiality, integrity, and availability of customers' sensitive data while ensuring compliance with contractual and regulatory requirements.
The role involves acting as a key representative for the cGRC organization, managing audit cycles, security questionnaires, customer calls, and risk assessments in a fast-paced SaaS environment.
Workday offers a flexible hybrid work model that balances in-person collaboration with remote work, fostering a culture rooted in integrity, empathy, and shared enthusiasm.
Matching Summary
Workday’s Cybersecurity GRC team is responsible for protecting the confidentiality, integrity, and availability of customers' sensitive data while ensuring compliance with contractual and regulatory requirements.
Skills & Requirements
Must-have
Cybersecurity compliance management
Managing complex security audits
Cloud computing and SaaS risk frameworks
Security risk assessments
Customer-facing security support
Project management of audits and certifications
Nice-to-have
Collaboration across global teams
Articulating security posture externally
Flexible hybrid work environment
Strong problem-solving skills
Ownership of tasks and projects
Key Requirements
6-8 years in Security Compliance or IT Audit
Proficiency with SOC1 (SSAE18), SOC2, ISO27001
Experience with cloud and SaaS security controls
Professional certifications like CISA, CISM, CISSP, CRISC preferred