Workday Security - Senior Hcms Analyst (Remote Opportunity For Local Candidates)

The HCMS Security Analyst plays a critical role in designing, implementing, and maintaining robust security controls in Workday and processes to protect sensitive HR information and ensure compliance with security standards and regulations. This role consults with cross functional stakeholders to determine Workday security requirements that support business goals and translates those requirements into actionable Workday solutions.
The HCMS Security Analyst is the critical link between our Workday Functional Team (Core HCM, Compensation, Talent Acquisition, etc.) Reporting & Analytic Team and the Workday Technical Team, ensuring the identification and assessment of cross-workstream Workday security impacts and is responsible for working with functional teams to ensure a security model that meets business and compliance standards.

• Design and configure security roles, permissions, and data access policies within the Workday system.
• Collaborate with stakeholders to define security roles, access controls, and permission sets, ensuring the appropriate level of data security and segregation of duties.
• Serve as a core stakeholder in the system change management process ensuring proper security for Workday changes moving to Production.

• Administer user access requests, provisioning, and deprovisioning within Workday.
• Define security groups, configure data access policies, and assign appropriate permissions to users based on their roles and responsibilities.
• Conduct periodic access reviews to ensure that user access privileges align with job responsibilities, business need, governance, and the Workday security model.
• Implement and enforce user access controls to mitigate risks related to data breaches or unauthorized system usage.

• Work closely with HR and business stakeholders to understand their access requirements and translate them into appropriate security roles within Workday.
• Ensure changes follow the appropriate change request approval and documentation process, security group updates are tested thoroughly in sandbox prior to implementing in production.

• Collaborate with internal and external auditors to facilitate security audits, provide necessary documentation, and address any identified security gaps.
• Lead the response efforts in case of security incidents within the Workday system.
• Conduct thorough investigations to determine the cause, impact, and extent of security incidents.
• Conduct risk assessments, identify potential security risks, and propose risk mitigation strategies.

• Proactively identify and address any potential compliance issues related to data access, data retention, and data sharing.
• Stay up to date with data privacy regulations, industry best practices, and internal policies to ensure Workday security configurations are aligned with legal and regulatory requirements.

• Stay updated with the latest Workday security features and enhancements. Evaluate and implement new security tools, technologies, and processes to enhance the overall security posture of the Workday system.
• Continuously monitor and assess security controls, identifying areas for improvement and implementing necessary changes.

• Provide user support and training on Workday security-related topics. Conduct training sessions and develop educational materials to raise awareness about Workday security and mitigate risks.
• Assist users with security-related issues, troubleshoot access problems, and provide guidance on security best practices.
• Maintain up-to-date documentation and knowledge base resources related to security administration.