This role serves as the primary intelligence integration point between customer stakeholders, Workday Security teams, and external intelligence organizations to enhance security posture across government SaaS environments
Job Summary
This role serves as the primary intelligence integration point between customer stakeholders, Workday Security teams, and external intelligence organizations to enhance security posture across government SaaS environments.
The position requires translating complex threat intelligence into actionable insights, detection requirements, and hunting hypotheses to support SOC monitoring and detection engineering.
Workday offers a flexible work approach requiring at least half of the time each quarter to be spent in-office or in the field, combined with competitive compensation including bonus plans and stock grants.
Matching Summary
This role serves as the primary intelligence integration point between customer stakeholders, Workday Security teams, and external intelligence organizations to enhance security posture across government SaaS environments.
Salary
Base: $130,200 - $195,400 USD; Bonus/Equity: Eligible for Workday Bonus Plan and annual refresh stock grants; Benefits: Comprehensive benefits package described as available
Skills & Requirements
Must-have
7+ years cybersecurity experience
SOC operations and detection engineering
MITRE ATT&CK framework mapping
Executive and technical briefing skills
US citizenship requirement
Nice-to-have
SaaS platform experience in government networks
Familiarity with CISA, NSA, and NIST guidance
Experience with MISP or commercial threat intel tools
Strategic thinking and operational knowledge
Strong collaboration and accountability culture
Key Requirements
7+ years in cybersecurity or incident response
United States citizenship (naturalized or native)
Eligibility for security clearance
Experience supporting SOC operations
Ability to brief technical and executive audiences