Compliance System Owner (US Federal)
USA.MD.Home Office Washington DC Metro, United States
Full Time Senior-level / Expert Clearance required USD 164K - 288K
Workday
Workday unites HR and finance on one AI platform to help elevate humans and supercharge work to keep business moving forever forward. Your work days are brighter here.
At Workday, it all began with a conversation over breakfast. When our founders met at a sunny California diner, they came up with an idea to revolutionize the enterprise software market. And when we began to rise, one thing that really set us apart was our culture. A culture which was driven by our value of putting our people first. And ever since, the happiness, development, and contribution of every Workmate is central to who we are. Our Workmates believe a healthy employee-centric, collaborative culture is the essential mix of ingredients for success in business. That’s why we look after our people, communities and the planet while still being profitable. Feel encouraged to shine, however that manifests: you don’t need to hide who you are. You can feel the energy and the passion, it's what makes us unique. Inspired to make a brighter work day for all and transform with us to the next stage of our growth journey? Bring your brightest version of you and have a brighter work day here.
At Workday, we value our candidates’ privacy and data security. Workday will never ask candidates to apply to jobs through websites that are not Workday Careers.
Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not.
In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.
About the Team
Come join Workday! As part of the Product & Compliance team dedicated to our Government Industry Vertical within the Product & Technology Organization, you will play a crucial role in driving our growth strategy within this key market. Our mission is to accelerate the adoption and success of Workday solutions within government agencies by encouraging seamless teamwork across product development, compliance, and go-to-market teams. The charter includes compliance with Federal security standards (e.g. FedRAMP - IL2/IL4, Secret, Top Secret) in addition to ensuring coverage of Federal OPM mandates and specific requirements across Payroll, Benefits, Workforce Management, and Financials required to power the Federal Government. The goal is to have both a near-term view and a long-term view of the business while monitoring evolutions in the Federal business landscape.
About the Role
Workday is seeking a highly motivated and proactive Security and Compliance Architect to join our dedicated Product & Compliance team within the Government Industry Vertical. In this crucial role, you will serve as a key partner to our product teams (HCM and Financials), expertly navigating compliance requirements (e.g. FedRAMP, IL4, IL5, Secret, Top Secret, etc.) with a deep understanding of NIST 800-53.
Key Responsibilities:
Security Engineering: Work with engineering teams to ensure that systems are architected, implemented and operate in compliance with relevant security standards including FedRAMP/FISMA High, DoD IL-4/5, NIST 800-53 R5, ISO 27000 and others.
Compliance Engineering: Establish baseline engineering requirements for compliance to build secure solutions for Government Cloud environments.
Risk & Audit Management: Establish Risk Management strategy, coordinating with external assessors and advisory firms that provide security audits and risk assessments. Supervise mitigation plans, ensuring timely remediation of risks.
GRC Oversight: Establish and govern a common controls strategy to ensure security and compliance across Workday’s environments with relevant internal and external security frameworks.
Collaborator Collaboration: Partner with cross-functional teams, including product security, engineering, legal, and external regulatory bodies, to align compliance initiatives with business objectives.
Build and Maintain External Partnerships: Maintain and lead partnerships with customer US Federal Government agencies and the FedRAMP PMO, staying on top of all industry updates and changes to the program.
Process Optimization: Drive efficiencies in compliance assessments, including the implementation of innovative ways to meet and exceed security requirements.
Incident Response & Threat Management: Provide executive-level guidance on incident response and security forensics, ensuring alignment with compliance frameworks.
Policy & Governance: Own the development of security policies, procedures, and reporting mechanisms to meet relevant regulatory and customer requirements.
About You
You are a meticulous security leader who thrives in regulated environments and understands the intricacies of cloud compliance. You know how to communicate complex security concepts to both engineers and executives. You bring a pragmatic, risk-based approach to compliance and are passionate about building secure systems that meet the needs of public sector customers.
Basic Qualifications
10+ years of experience in cybersecurity engineering for complex enterprise systems for regulated industries
5+ years of experience working with regulatory compliance frameworks (e.g. NIST 800-53, ISO27001, SOC, HITRUST, HIPAA, FedRAMP, DOD SRG IL4/IL5, PCI, etc.)
US Citizenship and ability to acquire/maintain a security clearance
Other Qualifications
Experience in architecting secure solutions using cloud native technologies (including CI/CD pipelines, microservices, etc.)
Experience in building secure solutions in cloud environments (like AWS/GCP/Azure) that align with FedRAMP High requirements.
Proven leadership experience in driving cross-functional compliance initiatives.
Exceptional ability to communicate and influence collaborators at all levels, including senior executives.
Experience working with the FedRAMP PMO, FedRAMP JAB, and DISA Cloud Assessment Division is a plus.
Deep technical knowledge of application architectures, design principles, common security flaws, and mitigation techniques as outlined by OWASP and SANS.
Industry certifications such as CISA, CISSP, CCSK, or equivalent are desirable.
Workday Pay Transparency Statement
The annualized base salary ranges for the primary location and any additional locations are listed below. Workday pay ranges vary based on work location. As a part of the total compensation package, this role may be eligible for the Workday Bonus Plan or a role-specific commission/bonus, as well as annual refresh stock grants. Recruiters can share more detail during the hiring process. Each candidate’s compensation offer will be based on multiple factors including, but not limited to, geography, experience, skills, job duties, and business need, among other things.
Primary Location: USA.MD.Home Office Washington DC Metro
The application deadline for this role is the same as the posting end date stated as below:
Our Approach to Flexible Work
With Flex Work, we’re combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter.
Pursuant to applicable Fair Chance law, Workday will consider for employment qualified applicants with arrest and conviction records.
Workday is an Equal Opportunity Employer including individuals with disabilities and protected veterans.
Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!
Tags: Audits AWS Azure CCSK CI/CD CISA CISSP Clearance Cloud Compliance DISA DoD FedRAMP FISMA Forensics GCP Governance HIPAA HITRUST Incident response ISO 27000 ISO 27001 Microservices Monitoring NIST NIST 800-53 OWASP Privacy Product security Risk assessment Risk management SANS Security Clearance SOC Strategy Top Secret
Perks/benefits: Career development Equity / stock options Flex hours Home office stipend Salary bonus Transparency