Job Description
Cybersecurity Risk Management Specialist
Workday unites finance and HR on a single AI-driven platform, empowering people, enabling fast decisions, and ensuring flawless operations to drive business forward. Our culture is driven by our value of putting our people first, and our Workmates believe a healthy employee-centric, collaborative culture is essential for success in business.
About the Team:
- Cybersecurity GRC & Trust (cGRC&T) is dedicated to maintaining, enhancing, and protecting trust in Workday.
- The cGRC team serves as a trusted advisor across Workday to help maintain and enhance trust for our customers.
About the Role:
- The ideal candidate brings an understanding of cyber risk management frameworks and solutions, with the ability to translate them into business value.
- This candidate needs to approach risk evaluations through the lens of an adversary to understand the entire attack surface and attack vectors.
Key Responsibilities:
- Building and operating our cyber risk assessment programs, and identifying opportunities to improve our methodologies and processes iteratively.
- Ensuring risks are identified, centrally registered, and tracked using a consistent methodology and lifecycle management.
- Providing Risk Advisory support to Workday's Business units.
- Crafting and preparing reports, heatmaps, and presentations for different audiences throughout the organization.
About You:
- Bachelor's degree in cybersecurity or computer science.
- 5+ years in Information Security or a security or related engineering role in a technical environment.
- Demonstrated ability providing risk-based security recommendations.
Our Approach to Flexible Work:
- We're combining the best of both worlds: in-person time and remote.
- This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs.
Cybersecurity Risk Management Specialist Summary:
We are seeking a Cybersecurity Risk Management Specialist to join our team at Workday. The ideal candidate will have a strong understanding of cyber risk management frameworks and solutions, with the ability to translate them into business value.