[Remote] WORKDAY SECURITY ANALYST II
Note: The job is a remote job and is open to candidates in USA. Moffitt Cancer Center is a National Cancer Institute-designated Comprehensive Cancer Center based in Florida, dedicated to the prevention and cure of cancer. The Security Analyst II is responsible for maintaining and supporting the organization's Workday security infrastructure, focusing on operational security activities and compliance with internal policies and regulatory requirements.
Responsibilities
- Demonstrate proof of security controls during internal and external audits
- Provision and deprovision access in Workday
- Monitor segragation of duties
- Collaborate with IT and business customers on security-impacting changes
- Document change controls for security changes made
- Support Workday releases with a focus on security impacts and security regression testing
- Drive continuous improvement in security governance processes
- Educate business leaders on security policies
- Contribute to any discussions and decisions concerning enterprise application security
- Monitor emerging threats and recommend proactive security enhancements
- Proactively stay up to date on Workday releases involving security
- Champion security feature adoption where beneficial
- Develop and enforce Workday security governance policies
- Perform security audits, assessments, and readiness for internal and external compliance requirements
- Monitor system activity and ensure policy compliance
- Lead audit readiness efforts and maintain documentation
- Review security roles and access controls for adherence to policy
- Develop and maintain awareness of divisional and data security and comply with policies and procedures
- Ensure alignment of security practices with organizational goals and regulatory standards
Skills
- Bachelor's Degree: Information Security, Computer Science, Risk Management, or a related field
- Minimum of 3 years of experience in IT governance, risk, and compliance (GRC)
- Knowledge of security frameworks and regulatory compliance (e.g., SOX)
- Experience configuring, maintaining, and auditing Workday security, including domains, business processes, and security groups
- Hands-on experience with user provisioning, deprovisioning, and access management in Workday
- Experience performing security impact assessments for configuration changes and enhancements
- Managing role-based access controls and segregation of duties monitoring
- Troubleshooting SSO/SAML authentication and access issues
- Conducting security reviews, risk assessments, and remediation planning
- Experience handling security incidents, escalations, and break/fix support
- Partnering with HR, Financials and Supply Chain customers for issue resolution
- Experience monitoring integration and EIB access to ensure data security
- Building security audit reports and dashboards
- Supporting Workday releases, feature adoption, and security regression testing
- Documenting change controls, and approvals for security updates
- Partnering with stakeholders to prioritize and execute security enhancements
- Workday Security (within 9 months of hire/job change)
- 2 years of experience with Workday security and SailPoint access control
- CISSP (Certified Information System Security) or CISM (Certified Information Security Manager)
Company Overview