Bloom Equity Partners

Investing in and acquiring enterprise software, technology and tech-enabled services companies.

Senior Consultant – Cyber Security, PCI Qualified Security Assessor

Security Engineer | Full Time | Remote | Senior | Team 11-50 | Since 2020 | H1B No Sponsor

Location

United States

Posted

32 days ago

Salary

0

Seniority

Senior

Professional Certificate | 2 yrs exp | English | Cyber Security

Job Description

Senior Consultant – Cyber Security, PCI Qualified Security Assessor

Bloom Equity Partners

  • Lead cyber security and PCI DSS client engagements from initiation through delivery and closure.
  • Act as the primary point of contact for clients during assigned engagements, ensuring clear communication, scope control, and expectation management.
  • Deliver high‑quality, concise, and actionable reports suitable for technical teams, senior management, and executive stakeholders.
  • Apply judgement and experience to complex risk and compliance issues, ensuring pragmatic and proportionate recommendations.
  • Perform PCI DSS assessments in line with PCI SSC requirements, including: Scoping and gap assessments, On‑site and remote assessments, Completion of SAQs, Reports on Compliance (ROC), and Attestations of Compliance (AOC).
  • Provide expert advice on PCI DSS control implementation, compensating controls, and remediation planning.
  • Support clients in achieving and maintaining PCI DSS compliance across complex environments.
  • Stay current with PCI DSS standard updates, guidance, and assessor program requirements.

Job Requirements

  • Minimum 2+ years’ experience as a PCI DSS Qualified Security Assessor (QSA) delivering PCI DSS engagements.
  • Proven experience leading or independently delivering consulting engagements in cyber security or information risk.
  • Strong experience completing PCI DSS deliverables including SAQs, ROCs, and AOCs.
  • Experience advising clients on scoping, remediation, and ongoing compliance strategies.
  • Demonstrable experience working with at least two major security frameworks (e.g. PCI DSS, ISO/IEC 27001, ISO/IEC 42001, NIST CSF, NIST 800-53, SABSA, COBIT).
  • Experience communicating complex cyber security concepts to both technical and non‑technical stakeholders, including senior management and boards.

Benefits

  • Willingness to travel nationally and internationally

More Security Engineer Jobs

IT Security Coordinator

Guild Mortgage

In neighborhoods and communities everywhere, we deliver the promise of home.

Full Time | Remote | Team 1,001-5,000 | Since 1960 | H1B No Sponsor

  • Assist in the coordination and management of IT Security project tasks and deliverables.
  • Responsible, under supervision from Sr. Security team members, for entry level tasks and deliverables for Security Awareness, Security Training Management, Threat Intelligence, and Third Party Risk Management.
  • Support Computer-Based Training content administration and reporting on Learning Management Software.
  • Assist the Phishing Awareness Program by designing, launching, and assessing simulated attacks on the user population.
  • Collect and report metrics and evidence for auditing and reporting purposes.
  • Partner with technical and non-technical staff to ensure that deployed technologies are effectively and efficiently providing the intended controls consistent with established policies and procedures.
  • Partner with staff at all levels in the organization, vendors and contractors to ensure protections are effective, efficient and non-disruptive to the appropriate duties, rights and mission of the individuals and the organization(s).
  • Responsible for weekly Software Advisory meeting and secure software lifecycle management tasks.
  • Collaborate with Security Team to draft and review Policies, Procedures, Runbooks, and Playbooks.
  • Monitor and triage low severity security events with guidance from team members.
  • Stay abreast of industry security trends and developments, as well as applicable government regulations.
  • Perform other duties as assigned.

United States
$27 - $38 / hour
Information Security Consultant, Junior

Insight IT

Our challenge is to understand each client's needs by bringing together Technology and People!

Full Time | Remote | Team 11-50 | Since 2014 | H1B No Sponsor

  • Respond to and resolve tickets related to information security
  • Support the implementation and maintenance of internal standards, procedures, and policies
  • Monitor and evaluate vendors from a security perspective
  • Contribute to compliance projects for ISO 27001 and ISO 27002
  • Participate in Risk Management processes

Brazil
Full Time | Remote | Team 201-500 | H1B Sponsor

  • Execution and analysis of vulnerability scans and determining remediation steps.
  • Execution and analysis of Penetration Tests (manual and autonomous), writing reports, and delivery of reports to client stakeholders.
  • Lead client meetings, offering expert advice and guidance as needed.
  • Collaborate with clients to understand their business needs and requirements to best align remediation requirements to business outcomes.
  • Creation and ongoing upkeep of materials documenting our security processes, procedures, and technologies, along with the generation of automated reports for relevant stakeholders.
  • Update client Security presentations and discuss findings with our clients.
  • Maintain a leading edge on security events and techniques to keep our clients aware of new threats and attack techniques.

United States
$145K - $155K / year
Workday Security Administrator – Modernization Program

WVU Online

Land-grant R1 institution bringing you online degrees and certificates for over 20 years. Let’s Go!

Full Time | Remote | Team 1,001-5,000 | Since 1867 | H1B No Sponsor

  • Set up, configure, and maintain security roles, groups, and access controls to align with organizational needs and policies.
  • Develop, implement, and maintain security policies, procedures, and guidelines.
  • Maintain awareness of product roadmaps and provide input to strategy discussions by helping translate how Workday can support strategic functional objectives.
  • Manage authentication policies to define user login methods, including SSO, MFA, IP restrictions, and step‑up authentication, and apply security controls based on the selected login methods.
  • Liaise with key stakeholders to develop awareness of Workday security capabilities and constraints.
  • Contribute to IT architecture discussions that impact Workday or are related to security and identity management.
  • Work with Information Security to define incident response plans for Workday.
  • Troubleshoot and resolve security-related issues, such as access problems, for end-users.
  • Work closely with business partners, HR, Finance, IT, and other teams to translate security requirements into best practice solutions.
  • Create and maintain comprehensive documentation of security configurations, processes, and incident resolutions.
  • Troubleshoot unexpected results or process flaws and recommend solutions.
  • Provide internal client support, troubleshooting data access and system issues, recommending solutions, and implementing enhancements and fixes.
  • Provide program management assistance on various HR and Finance initiatives, including the rollout and implementation of new and existing programs.
  • Ensure data integrity within Workday and assist with data audits and security role permissions cleanup.
  • Support internal and external audits by providing documentation and ensuring compliance with access.
  • Actively participate in the Workday Community to ensure awareness of current trends and innovation.
  • Monitor system activity for security incidents, suspicious activities, and vulnerabilities.
  • Respond to and investigate security incidents, coordinating with Information Security and other relevant departments to mitigate and resolve issues promptly.
  • Document security incidents, resolutions, and lessons learned to improve future response strategies.
  • Understand and communicate expectations to all members of the project team.
  • Establish positive, professional relationships with staff.
  • Establish proper communication channels with project and team personnel and respond appropriately to all concerns.
  • Ensure that WVU meets its goals and deadlines for large IT projects and initiatives.

All locations: Virginia | West Virginia