• Building strong relationships across HR, Payroll, Benefits, and IT to ensure security aligns with business needs • Acting as a trusted advisor on Workday security best practices • Partnering with stakeholders to support secure and efficient HCM processes • Configuring and maintaining Workday security roles, groups, and domain/business process security policies • Implementing role-based, user-based, intersection, and segment-based security groups • Conducting regular audits and access reviews to ensure compliance and data integrity • Responding to operational security requests and troubleshooting access issues • Validating security configurations during Workday release cycles • Maintaining comprehensive documentation of security policies and audit logs • Ensuring security supports key HCM processes such as hiring, terminations, and benefits enrollment • Aligning security with Canadian HR and payroll compliance requirements • Providing training and guidance to HR analysts and business users • Preparing clear documentation and security guidelines • Presenting recommendations and findings to stakeholders • Facilitating workshops and training sessions on security best practices • Managing deliverables and schedules independently to ensure timely completion of security tasks and audits

• Safeguarding cloud infrastructure and applications • Driving security into the technology stack • Leading security initiatives in collaboration with teams • Integrating security controls into CI/CD pipelines • Conducting threat modeling and code reviews • Managing vulnerability discovery and remediation

• Demonstrate knowledge and understanding around infrastructure security and experience in implementing business functionality. • Be hands-on, helping lead the technical direction for infrastructure security services while partnering with architecture, operations and security consultants. • Deliver end-to-end assignments with minimum guidance. • Aspire to be the technical lead for the engineering team while overseeing testing and evaluation of new security applications, functions and processes for security risks and compatibility with existing standards and controls. • Work with engineers, business programs, and other security professionals to adapt and improve our security posture in applications, infrastructure, and cloud modernization efforts. • Consider core aspects of network and asset communication requirements to streamline troubleshooting activities and implement mature network security features to the business.

• Establish and continuously improve the AppSec program’s strategy, processes, and tooling • Collaborate with engineers to integrate security best practices into design reviews, threat modeling, code reviews, and penetration testing • Participate in secure code review and penetration testing efforts • Contribute to deep-dive security reviews of our web, mobile, and API products • Mentor junior members of the AppSec team to support their professional growth