What you'd actually do

Design and implement next-generation network security controls, patterns, and templates across AWS, GCP, and private cloud environments.

Enhance the security of the enterprise by building scalable systems for effective continuous monitoring and enforcement of expected security posture using tools such as Terraform, GoLang, and Python.

Serve as a technical lead by driving initiatives forward and guiding team members in their development.

Evaluate production infrastructure designs to determine security requirements and conduct rigorous network security assessments.

Partner with Cybersecurity and Trust teams to develop policies, standards, and guidelines aligned with industry best practices (CIS, NIST, FedRAMP) and implement control enforcement against those standards.

Provide operational support for critical security infrastructure, including DDoS detection, WAF, and firewall controls (appliances and cloud-native) in a production environment.

Skills

Required

network security architecture and design
deploying network security controls across AWS and/or GCP
cloud-native security controls (e.g., AWS Network Firewall, WAF, GCP Cloud Armor)
scripting language (Python, Go)
automation tooling (Terraform, Ansible, or Consul)
public cloud environments (AWS, GCP)
secure network architectures
multi-cloud and hybrid infrastructure
security platforms
firewalls
web application firewall (WAF) controls
information security
application, system, and network security threats
attack techniques
mitigating controls
effective security policies
data protection regulations
security engineering
secure network architectures
encryption
authentication
intrusion detection
firewall technologies
incident response plans
security by design
risk assessment methodologies

What the JD emphasized

7+ years of progressively responsible experience in network security architecture and design

Hands-on experience deploying network security controls across AWS and/or GCP, including cloud-native security controls (e.g., AWS Network Firewall, WAF, GCP Cloud Armor)

Proficient in at least one scripting language (Python, Go) and automation tooling (Terraform, Ansible, or Consul)

Deep understanding of public cloud environments (AWS, GCP) with the ability to design, deploy, and manage secure network architectures across multi-cloud and hybrid infrastructure, ensuring consistent security posture at scale

Extensive experience with security platforms, including industry-leading firewalls and web application firewall (WAF) controls, with the ability to evaluate, implement, and operate these platforms to protect customer data environments effectively

Strong foundation in information security, including understanding of application, system, and network security threats, attack techniques, and mitigating controls, with the ability to implement effective security policies and ensure compliance with data protection regulations

Skilled in security engineering, with experience designing and implementing secure network architectures, managing encryption, authentication, intrusion detection, and firewall technologies, and developing incident response plans to address security breaches

Demonstrated commitment to security by design, with the ability to integrate security measures into the architecture of systems from the outset, including risk assessment methodologies and the des

Your work days are brighter here.

We’re obsessed with making hard work pay off, for our people, our customers, and the world around us. As a Fortune 500 company and a leading AI platform for managing people, money, and agents, we’re shaping the future of work so teams can reach their potential and focus on what matters most. The minute you join, you’ll feel it. Not just in the products we build, but in how we show up for each other. Our culture is rooted in integrity, empathy, and shared enthusiasm. We’re in this together, tackling big challenges with bold ideas and genuine care. We look for curious minds and courageous collaborators who bring sun-drenched optimism and drive. Whether you're building smarter solutions, supporting customers, or creating a space where everyone belongs, you’ll do meaningful work with Workmates who’ve got your back. In return, we’ll give you the trust to take risks, the tools to grow, the skills to develop and the support of a company invested in you for the long haul. So, if you want to inspire a brighter work day for everyone, including yourself, you’ve found a match in Workday, and we hope to be a match for you too.

About the Team

The Network Security team delivers innovative solutions to sophisticated challenges, serving as a critical component of the Workday Security organization's mission to ensure the security and safety of Workday customers, users, and their data. We design, build, and operate critical security controls for customer data environments, overcoming constantly shifting — and exciting — technical challenges to ensure trust in the Workday service. Our team is responsible for operating the systems and controls that we build, advising other Workday business units on ways to securely implement services and infrastructure, and partnering with our information security team to ensure policy compliance and address gaps. We operate data centers and cloud environments across the globe and are constantly improving our network security posture and capabilities. Over the next year, we are focused on delivering scalable network security controls such as web application firewalls for customer data environments, improving platform resilience and the consistency of security controls across the enterprise, and leveraging AI and agents to accelerate how we deliver effective solutions for all of Workday's customers. Our team is spread across the US and EU, and though we connect mostly virtually, we love sharing in each other's successes, celebrating wins, and embracing fun with informal team meetings and activities. We genuinely enjoy getting to know each other beyond our technical skills — because great work is even better when you're part of a great team.

About the Role

As a Senior Cybersecurity Engineer on the Network Security team, you will play a pivotal role in designing and delivering the security controls that protect Workday's customer data environments across AWS, GCP, and private cloud environments. You are both a builder and a leader — architecting scalable security solutions while mentoring team members and consulting with partners across the organization to ensure security is embedded into everything we do.

In this role, you will be responsible for:

Architect and Build: Design and implement next-generation network security controls, patterns, and templates across AWS, GCP, and private cloud environments.
Automate: Enhance the security of the enterprise by building scalable systems for effective continuous monitoring and enforcement of expected security posture using tools such as Terraform, GoLang, and Python.
Mentor: Serve as a technical lead by driving initiatives forward and guiding team members in their development.
Consult: Evaluate production infrastructure designs to determine security requirements and conduct rigorous network security assessments.
Collaborate: Partner with Cybersecurity and Trust teams to develop policies, standards, and guidelines aligned with industry best practices (CIS, NIST, FedRAMP) and implement control enforcement against those standards.
Operational Excellence: Provide operational support for critical security infrastructure, including DDoS detection, WAF, and firewall controls (appliances and cloud-native) in a production environment.

About You

Basic Qualifications

7+ years of progressively responsible experience in network security architecture and design
Hands-on experience deploying network security controls across AWS and/or GCP, including cloud-native security controls (e.g., AWS Network Firewall, WAF, GCP Cloud Armor)
Proficient in at least one scripting language (Python, Go) and automation tooling (Terraform, Ansible, or Consul)

Other Qualifications

Deep understanding of public cloud environments (AWS, GCP) with the ability to design, deploy, and manage secure network architectures across multi-cloud and hybrid infrastructure, ensuring consistent security posture at scale
Extensive experience with security platforms, including industry-leading firewalls and web application firewall (WAF) controls, with the ability to evaluate, implement, and operate these platforms to protect customer data environments effectively
Strong foundation in information security, including understanding of application, system, and network security threats, attack techniques, and mitigating controls, with the ability to implement effective security policies and ensure compliance with data protection regulations
Skilled in security engineering, with experience designing and implementing secure network architectures, managing encryption, authentication, intrusion detection, and firewall technologies, and developing incident response plans to address security breaches
Demonstrated commitment to security by design, with the ability to integrate security measures into the architecture of systems from the outset, including risk assessment methodologies and the design of systems that can resist, tolerate, and recover from security events
Proven ability to leverage AI and agentic capabilities to streamline processes and deliver engineering and security solutions at scale. Experience using these evolving toolsets to ensure consistency of control implementation across disparate systems is a strong differentiator.
Experience with host-based network security systems (e.g., Illumio, Calico) and large-scale data center networking
Experience supporting DDoS detection, IPS/IDS tooling, and participating in an on-call rotation for production networks
Ability to align security programs with industry standards such as CIS, NIST, and FedRAMP
Organized, thorough problem solver with the ability to build consensus among multiple partners and document complex security architectures clearly
Excellent written and verbal communication skills, with the ability to build and leverage positive relationships across the organization

Our Approach to Flexible Work

With Flex Work, we’re combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter.

At Workday, we are committed to providing an accessible and inclusive hiring experience where all candidates can fully demonstrate their skills. If you require assistance or an accommodation at any point, please email accommodations@workday.com.

Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!

At Workday, we value our candidates’ privacy and data security. Workday will never ask candidates to apply to jobs through websites that are not Workday Careers.

Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not.

In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.