• Own technical execution across Workday HCM, Payroll, Recruiting, Prism Analytics, and Illuminate. • Translate business requirements into phased technical delivery plans. • Manage sandbox strategy, tenant lifecycle, and biannual release readiness. • Configure HCM and Recruiting modules.Build advanced reports (matrix, composite, BIRT), calculated fields, validations, and business process frameworks. • Leverage Workday Extend to design and build lightweight custom applications that enhance core workflows. • Maintain scalable security models and governance standards. • Build and maintain integrations (EIB, Studio, REST/SOAP APIs, RaaS). • Integrate with applications like ERP, identity providers, benefits carriers, and third-party systems. • Ensure secure, reusable integration frameworks with monitoring and error-handling discipline. • Implement and manage Workday Prism Analytics datasets and dashboards. • Enable Workday Illuminate capabilities and intelligent workflows. • Drive automation while maintaining audit and compliance standards. • Own Workday security architecture and least-privilege access models. • Implement enhanced logging and monitoring for sensitive data access, extracts, and downloads. • Ensure encryption in transit and at rest across integrations and reporting. • Enforce non-production data masking and scrubbing practices. • Support SOX, GDPR, and HIPAA compliance requirements.

• Engage in and improve the whole lifecycle of services—from inception and design, deployment, operation, and refinement using an agile methodology • Support services before they go live through activities such as system design consulting, developing software platforms and frameworks, capacity planning, and launch reviews • Embrace the DevSecOps culture with a commitment to automate what can be automated • Maintain services once they are live by measuring and monitoring availability, latency, and overall system health • Scale systems sustainably through mechanisms like automation; evolve systems by pushing for changes that improve reliability and velocity • Practice sustainable incident response and actively participate in retrospectives

• Design, build, and operate the corporate AI Gateway using Azure API Management (APIM). • Develop advanced governance, authentication, routing, and observability policies for generative AI workloads. • Integrate multiple AI providers, including Azure OpenAI, Azure AI Foundry, GCP Vertex AI, AWS Bedrock, and Adobe Firefly. • Implement FinOps mechanisms to control consumption, per-subscription quotas, token budgeting, and cost attribution. • Develop and maintain infrastructure as code (IaC) using Terraform/OpenTofu. • Build and evolve CI/CD pipelines with GitHub Actions using OIDC authentication. • Create centralized observability mechanisms using Application Insights, KQL, Azure Workbooks, Datadog, and CloudWatch. • Develop APIM policies for SSE streaming, request/response transformation, retry, fallback, and backend routing. • Work on platform security using Azure AD, JWT validation, WAF tuning, Front Door, and Key Vault. • Automate operations and administrative workflows using Bash, PowerShell, and Python. • Produce technical documentation, OpenAPI specs, and materials for technical and non-technical stakeholders. • Support internal teams in the secure and scalable adoption of generative AI. • Translate technical limitations and architectural decisions into clear recommendations for different audiences. • Work autonomously to identify needs, prioritize improvements, and continuously evolve the platform.

• Design and own environment-management foundations (env repos, env modules, promotion patterns) for consistent Dev/Stage/Prod provisioning. • Publish and govern Terraform modules, managing registry operations, versioning, reviews, documentation standards, and deprecation. • Administer Terraform Cloud workspaces, policies/approvals, secure variables, and run workflows for scalable delivery. • Define and enforce platform IAM standards across Azure and tooling (RBAC, managed identities, service principals), including SP→MI modernization and governance integration. • Implement secrets-binding patterns with Azure Key Vault, including access models, references, and rotation across IaC workflows. • Lead FinOps enablement: tagging/labeling, budgets/alerts, and cost/productivity KPI dashboards using Cloudability. • Administer platform tooling (GitHub, Azure DevOps, Docker Hub licensing) including governance, cost/resource optimization, and support. • Integrate platform workflows with enterprise systems such as ServiceNow CMDB and IdentityNow for auditable provisioning and access governance. • Build and operationalize VM fleet patterns (image strategy, patching/maintenance, scaling, reliability) with automation and runbooks. • Establish infrastructure guardrails (CI validation/testing, policy checks, drift detection) and drive adoption via templates and infra-testing standards. • Provide certificate lifecycle automation and CA integrations (issuance, renewal, rotation) for platform components. • Produce and maintain platform documentation, templates, release notes, and onboarding materials; run office hours and support motions to drive self-service adoption. • Drive platform feedback loops, community building, and evangelism; translate signals (NPS/surveys) into roadmap inputs. • Administer Copilot/agent enablement and MCP server catalog integrations with instructions/runbooks for safe, consistent usage.