Principal Cyber Security Engineer, Soc Lead (us Federal)

Workday

Reston, VA, USA
Primary location base pyy range: $184,800 usd - $2...
On-site
24x7 monitoring operations
Incident response coordination
Escalation management
Workday is seeking a Principal Cyber Security Engineer to lead its Cyber Defense Security Operations Center supporting U.S. Federal Government contracts. The ideal candidate will have extensive experience in cybersecurity operations, team leadership, and familiarity with SIEM platforms, particularly Splunk, while promoting a collaborative and integrity-driven company culture

Job Summary

  • The SOC Lead will provide technical and operational leadership for the Cyber Defense Security Operations Center supporting U.S. Government SaaS deployments, including air-gapped environments.
  • You will lead a team of SOC Analysts, ensure high-quality investigations, oversee detection engineering collaboration, and drive automation initiatives leveraging platforms such as Splunk and SOAR technologies (e.g., Tines).
  • This position requires a balance of operational leadership, deep technical expertise, and the ability to communicate risk effectively to leadership.

Matching Summary

Match Score: 85

Workday is seeking a Principal Cyber Security Engineer to lead its Cyber Defense Security Operations Center supporting U.S. Federal Government contracts. The ideal candidate will have extensive experience in cybersecurity operations, team leadership, and familiarity with SIEM platforms, particularly Splunk, while promoting a collaborative and integrity-driven company culture.

Salary

Primary Location Base Pay Range: $184,800 USD - $277,200 USD; Additional US Location(s) Base Pay Range: $167,200 USD - $300,000 USD; Bonus/Equity: Role may be eligible for Workday Bonus Plan or role-specific commission/bonus, as well as annual refresh stock grants.

Skills & Requirements

Must-have

  • 24x7 monitoring operations
  • incident response coordination
  • escalation management
  • Splunk SIEM platform
  • SOAR technologies
  • MITRE ATT&CK framework

Nice-to-have

  • curious minds and courageous collaborators
  • sun-drenched optimism and drive
  • building smarter solutions
  • meaningful work with Workmates
  • trust to take risks
  • tools to grow

Key Requirements

  • 10+ years of experience in cybersecurity operations, incident response, or threat detection
  • 5+ years of experience leading or mentoring security operations personnel
  • Experience managing incident response lifecycle activities aligned to NIST SP 800-61r3
  • Experience supporting secure cloud environments and/or air-gapped networks
  • Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or equivalent experience
  • Ability to obtain and maintain a U.S. government issued security clearance (TS/SCI level)

Work Rights

Must be a United States citizen (naturalized or native)

Tailored Resume

Cover Letter