Senior Associate Cybersecurity Engineer

Your work days are brighter here.

We’re obsessed with making hard work pay off, for our people, our customers, and the world around us. As a Fortune 500 company and a leading AI platform for managing people, money, and agents, we’re shaping the future of work so teams can reach their potential and focus on what matters most. The minute you join, you’ll feel it. Not just in the products we build, but in how we show up for each other. Our culture is rooted in integrity, empathy, and shared enthusiasm. We’re in this together, tackling big challenges with bold ideas and genuine care. We look for curious minds and courageous collaborators who bring sun-drenched optimism and drive. Whether you're building smarter solutions, supporting customers, or creating a space where everyone belongs, you’ll do meaningful work with Workmates who’ve got your back. In return, we’ll give you the trust to take risks, the tools to grow, the skills to develop and the support of a company invested in you for the long haul. So, if you want to inspire a brighter work day for everyone, including yourself, you’ve found a match in Workday, and we hope to be a match for you too.

About the Team

In support of the phenomenal growth in the number of Workday customers and Workmates, we are growing our cybersecurity response program to continue to deliver world class capabilities. Our team is building the Security Center of the future to further our customer’s confidence in our platform. This means we are continually innovating our investigative capabilities in the areas of incident response, digital forensics (DFIR), threat hunting, and security automation. We respond quickly, efficiently and regain control by minimizing the threat of damage caused by malicious activities. We are a highly visible global security function that collaborates closely with multiple Workday teams. We work hard and push each other to constantly improve, but in an environment that is fun and considered the best company to work for.

About the Role

About The Role

Workday is looking for a passionate and experienced security professional to join our SIRT. This is an opportunity to contribute to a highly visible team involved in all major cybersecurity events, where your skills and experience will be used to inspire confidence and trust in Workday.

This is a highly technical role with the understanding that you are already conversant in incident response, security automation, system security, network security, and threat hunting. This role will push you to understand the inner workings of our SaaS platform and couple that with traditional security practices on premise. We have resources in every cloud, including our own.

You will engage in the following activities:

• Experience responding to operational queue work as part of a follow-the-sun model
• Lead cyber security incident response and investigation efforts. This includes digital forensics and cloud security events
• Improve threat detection capability by performing gap analyses and remediation
• Identify where we can apply AI/LLM tech to extend the coverage, quality and speed of the security monitoring and response capabilities
• Collaborate with incident responders, threat hunters, and other internal teams to understand their AI/LLM needs, gather requirements, and deliver effective engineering solutions to support the work of the SIRT.
• Actively participate in incident response activities, including digital forensic investigations and security event analysis, leveraging and enhancing security tools to support these efforts.
• Contribute to the team's technical growth by mentoring colleagues on AI/LLM best practices, tooling, scripting and processes.

About You

Basic Qualifications

• Bachelor’s Degree in Computer Science, Data Science, Cybersecurity, or a related STEM field, or equivalent demonstrable practical experience and engineering excellence.
• 3+ years of hands-on experience in a security engineering, data science, or security operations role with a strong focus on applying AI and machine learning to security challenges.

Other Qualifications

• Ability to drive multiple projects and priorities while managing operational responsibilities
• Demonstrated knowledge of adversary TTPs (Tactics, Techniques and Procedures)
• Deep understanding of network and application security threats, attack techniques, and mitigation options and network related protocols (e.g. TCP/IP, IPSEC, routing protocols, etc.)
• Python, Ruby and other scripting languages is essential, as is a strong understanding of Linux/OSX and Windows
• Understanding of how AI can be applied to threat detection, incident analysis, and response, including knowledge of common attack vectors (MITRE ATT&CK Framework).
• Experience with prompt engineering, fine-tuning large language models (LLMs) for security-specific tasks, and understanding the security risks associated with LLMs (e.g., prompt injection, data poisoning).
• Experience participating in incident response processes where AI/ML tools were used to accelerate investigation, analysis, and containment.
• Excellent verbal and written communication skills
• Experience in some or all of the following:
  • Experience with cloud security concepts, solutions, and automation
  • Experience in incident response and incident management
  • Experience with threat hunting techniques
  • Experience with SIEM and SOAR security technologies and solutions
  • Experience in performing digital forensics and securely acquiring data from various sources

Our Approach to Flexible Work

With Flex Work, we’re combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter.

Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!

At Workday, we value our candidates’ privacy and data security.  Workday will never ask candidates to apply to jobs through websites that are not Workday Careers.

Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not.

In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.