|Preferred GIAC Certifications||GCIH|
Do what you love. Love what you do.
At Workday, we help the world’s largest organizations adapt to what’s next by bringing finance, HR, and planning into a single enterprise cloud. We work hard, and we’re serious about what we do. But we like to have fun, too. We put people first, celebrate diversity, drive innovation, and do good in the communities where we live and work.
About the team
Workday is looking for an experienced security professional to join the Security Operations Center team. This is an opportunity to contribute to a highly visible security operations function that is the first line of defense for Workday. This is a technical role with the understanding that you are already conversant in incident handling, security automation, system security, network security, and incident response.
We are looking for a problem solver with a taste for complex challenges who can devise practical, innovative and effective solutions using the most appropriate languages, tools and hardware. You will assist in the effort of finding known and unknown threats and understanding new adversary TTPs (Tactics, Techniques and Procedures).
Your training and development budget will include at least one major off-site training course annually (SANS etc), at least one major security conference (Blackhat, Defcon, RSA etc) as well as local conferences and events.
You'll be encouraged to keep your skills up to date with other events such as internal red/blue team events, hackathons, membership of various groups and societies. You'll be provided a budget to grow a reference library for yourself and your team, and a lab to run proof of concept projects in.
About the role
Support the SOC in understanding incidents targeting Workday.
Improve threat detection using network or system capabilities.
Drive security monitoring efforts.
Perform gap analyses to identify where extra tooling and automation can extend the coverage of the SOC monitoring.
Build automation solutions around open-source and proprietary tools.
Evaluate new tools and techniques to create innovative and practical security solutions.
Help drive team development by mentoring new and existing staff.
3+ years of experience in a similar technical security role.
BS Degree in Computer Science (or equivalent).
Mature approach to supporting a 24/7 SOC in a follow-the-sun model.
Experience with cloud security concepts, solutions, and automation.
Demonstrated knowledge of Information Security attack methods and techniques.
Python, Ruby and other scripting languages is essential, as is a strong understanding of Linux/OSX and Windows.
Deep understanding of network and application security threats, attack techniques, and mitigation options and network related protocols (e.g. TCP/IP, IPSEC, routing protocols, etc.).
Relevant Security, Systems, and Networking certifications a plus.