The HCMS Security Analyst is the critical link between our Workday Functional Team (Core HCM, Compensation, Talent Acquisition, etc.) Reporting & Analytic Team and the Workday Technical Team, ensuring the identification and assessment of cross-workstream Workday security impacts and is responsible for working with functional teams to ensure a security model that meets business and compliance standards.
- Design and configure security roles, permissions, and data access policies within the Workday system.
- Collaborate with stakeholders to define security roles, access controls, and permission sets, ensuring the appropriate level of data security and segregation of duties.
- Serve as a core stakeholder in the system change management process ensuring proper security for Workday changes moving to Production.
- Administer user access requests, provisioning, and deprovisioning within Workday.
- Define security groups, configure data access policies, and assign appropriate permissions to users based on their roles and responsibilities.
- Conduct periodic access reviews to ensure that user access privileges align with job responsibilities, business need, governance, and the Workday security model.
- Implement and enforce user access controls to mitigate risks related to data breaches or unauthorized system usage.
- Work closely with HR and business stakeholders to understand their access requirements and translate them into appropriate security roles within Workday.
- Ensure changes follow the appropriate change request approval and documentation process, security group updates are tested thoroughly in sandbox prior to implementing in production.
- Collaborate with internal and external auditors to facilitate security audits, provide necessary documentation, and address any identified security gaps.
- Lead the response efforts in case of security incidents within the Workday system.
- Conduct thorough investigations to determine the cause, impact, and extent of security incidents.
- Conduct risk assessments, identify potential security risks, and propose risk mitigation strategies.
- Proactively identify and address any potential compliance issues related to data access, data retention, and data sharing.
- Stay up to date with data privacy regulations, industry best practices, and internal policies to ensure Workday security configurations are aligned with legal and regulatory requirements.
- Stay updated with the latest Workday security features and enhancements. Evaluate and implement new security tools, technologies, and processes to enhance the overall security posture of the Workday system.
- Continuously monitor and assess security controls, identifying areas for improvement and implementing necessary changes.
- Provide user support and training on Workday security-related topics. Conduct training sessions and develop educational materials to raise awareness about Workday security and mitigate risks.
- Assist users with security-related issues, troubleshoot access problems, and provide guidance on security best practices.
- Maintain up-to-date documentation and knowledge base resources related to security administration.
Proficiency in analyzing and documenting complex business requirements and translating them into Workday security configurations.
Experience with security audits, risk assessments, and compliance monitoring.
Experience with software testing methodology and data validation.
Excellent analytical and problem-solving skills, with the ability to identify and address security risks and vulnerabilities.
Strong presentation skills with the ability to provide, in non-technical, end-user-friendly terms, ideas and solutions for system-related recommendations.
Ability to work independently, manage multiple priorities, and meet deadlines in a fast-paced environment.