Sr. Manager of Security Engineering - US Federal

About the position

Workday is seeking a Senior Manager, Cyber Security Engineering to be part of the Federal Cloud Platform Engineering team. This team supports direct and indirect contracts with the U.S. Federal Government which, due to federal government security requirements, mandates all Workday personnel working on the contracts be United States citizens (naturalized or native). In this role, you will be responsible for developing, implementing, and maintaining security strategies and technologies passionate about safeguarding our runtime environments, particularly those hosted in the public cloud using Kubernetes platforms.

Responsibilities

• Define and implement a comprehensive security engineering roadmap, aligned with the organization's overall security objectives.
• Architect and implement security controls and processes to protect applications and data across our public cloud infrastructure.
• Ensure robust security for our cloud-based environments (AWS, Azure, GCP, etc.) including configuration management, identity and access management, and data protection.
• Establish and maintain security standard methodologies for containerized workloads and Kubernetes orchestration.
• Build and lead a robust threat detection capability to identify, analyze and support incident response capability for security incidents.
• Develop and lead a vulnerability management program to proactively identify and mitigate security risks.
• Build, mentor, and lead a globally distributed high-performing security engineering team.
• Work closely with other teams, including IT operations, security architecture, software development, and compliance, to ensure security is coordinated into all aspects of the business.
• Promote security awareness and standard processes across the organization.

Requirements

• This position requires a TS/SCI with CI polygraph security clearance.
• Applicants must already possess a valid and active TS/SCI with CI polygraph security clearance.
• 10+ years of dynamic experience in information security, with at least 5 years in a leadership role.
• Deep understanding of infrastructure security and cloud security.
• Outstanding leadership skills, with a track record of building and motivating high-performing teams.

Nice-to-haves

• Relevant Certifications: CISSP, CISM, or other relevant security certifications.
• Experience working in a sophisticated, large-scale environment (20,000+ employees) is a plus.
• Deep understanding of Kubernetes security and Linux.

Benefits

• Workday Bonus Plan or a role-specific commission/bonus.
• Annual refresh stock grants.
• Flexible work schedule allowing for a mix of in-person and remote work.