-
Job Description
Job Summary: Cybersecurity Risk Management Specialist
Workday is seeking a Cybersecurity Risk Management Specialist to join our team, responsible for identifying and mitigating cybersecurity risks across the organization.
About the Team
The Cybersecurity GRC & Trust team is dedicated to maintaining, enhancing, and protecting trust in Workday. Our team contributes by building and managing programs designed to protect the confidentiality, integrity, and availability (CIA) of our customers' most sensitive data.
About the Role
- Identify and assess cybersecurity risks across the organization, using a holistic approach to understand the entire attack surface and attack vectors.
- Develop and implement risk management programs, including security maturity assessments, risk assessments, and security exception evaluations.
- Provide risk advisory support to Workday's business units, ensuring risks are identified, centrally registered, and tracked using a consistent methodology and lifecycle management.
- Craft and prepare reports, heatmaps, and presentations for different audiences throughout the organization, including risk owners, senior leaders, and audit committee.
About You
- Bachelor's degree in cybersecurity or computer science.
- 5+ years in Information Security or a security or related engineering role in a technical environment.
- Demonstrated ability providing risk-based security recommendations.
- Skilled at big picture holistic thinking.
- Knowledge of NIST 800 - 53, NIST 800 - 30, and NIST CSF 2.0 preferred.
Our Approach to Flexible Work
Workday combines the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work.