Workday Security Senior Manager

Role Overview
The Workday Security Lead/Senior Manager is responsible for driving the design, governance, and continuous enhancement of the Workday security framework across the enterprise. This role ensures secure, scalable, and compliant access to sensitive data by partnering with HR, Finance, IT, and Compliance teams, while proactively managing risk and strengthening the overall security posture of the Fortrea Workday platform.

Responsibilities

Security Architecture & Governance

• Design, configure, and maintain scalable Workday security architecture, including role-based, user-based, and intersection security groups.
• Define and enforce governance standards for Workday security configuration and ongoing maintenance.
• Continuously evaluate and optimize security models to align with organizational and regulatory requirements.

Access Control Management

• Manage and administer domain security policies, business process security policies, and proxy access.
• Implement and maintain segmented and least-privilege access models across Workday modules.
• Ensure role assignments are aligned with job responsibilities and organizational hierarchy.

Compliance & Audit Leadership

• Partner with GRC, Legal, and Audit teams to ensure adherence to regulatory frameworks (e.g., SOX, GDPR).
• Lead and execute User Access Reviews (UARs), ensuring timely remediation of identified issues.
• Support internal and external audits by providing documentation, audit evidence, and remediation plans.
• Implement and maintain Segregation of Duties (SoD) controls and monitoring processes.

Integration Security

• Configure and review security for inbound and outbound Workday integrations.
• Ensure secure authentication and authorization mechanisms for integrations (e.g., API users, ISUs, certificates).
• Partner with integration teams to enforce secure data exchange standards.

Incident Management

• Investigate, troubleshoot, and resolve Workday security-related incidents and access issues.
• Document root causes, remediation steps, and preventive controls.
• Drive continuous improvement of security processes and incident response practices.

Stakeholder Enablement

• Collaborate with HR, Payroll, Finance, and IT teams to gather security and reporting requirements.
• Build and support Workday security reports and dashboards.
• Provide guidance on least-privilege access design and security best practices.
• Act as a trusted advisor for security-related decisions and escalations.

Qualifications

Required Qualifications

• Bachelor’s degree in computer science, Information Security, or a related field.
• 8+ years of hands-on experience in Workday security design and configuration.
• Strong understanding of Workday security frameworks, including:
  • Security groups
  • Domain and business process policies
  • Calculated fields and security reporting
• Proven experience working with SOX controls and Segregation of Duties (SoD) frameworks.
• Familiarity with global data privacy regulations such as GDPR.
• Workday Pro Certification (Security).

Preferred Qualifications

• Experience supporting multiple Workday modules in a global enterprise environment.
• Prior involvement in audit cycles and compliance programs.
• Knowledge of integration security and identity/access management concepts.
• Experience in life sciences, healthcare, or other regulated industries.
• Prior participation in post‑implementation stabilization, optimization, or audit remediation.
• Familiarity with identity governance, access recertification, or data governance frameworks.

Core Competencies

• Security & Compliance Mindset – Prioritizes data protection and regulatory adherence.
• Collaboration – Builds strong partnerships across technical and business teams.
• Analytical Thinking – Solves complex access and security challenges effectively.
• Ownership – Drives accountability for secure and compliant system operations.
• Communication – Clearly articulates security concepts to diverse audiences.

Physical Demands / Work Environment:

• Work is performed in an office environment with exposure to electrical office equipment.
• Occasional drives to site locations with occasional travel both domestic and international.
• Frequently stationary for 6-8 hours per day.
• Repetitive hand movement of both hands with the ability to make fast, simple, repeated movements of the fingers, hands, and wrists.
• Occasional crouching, stooping, with frequent bending and twisting of upper body and neck.
• Ability to access and use a variety of computer software developed both in-house and off-the-shelf.
• Light to moderate lifting and carrying, or moving of objects, including luggage and laptop computer with a maximum lift of 15-20 lbs.
• Regular and consistent attendance.
• Varied hours may be required.

Impact

This role plays a critical part in safeguarding enterprise data by ensuring secure, compliant, and efficient access to Fortrea Workday systems, enabling business operations while minimizing risk.

Learn more about our EEO & Accommodations request here.