Worksite flexibility
Remote
Job Summary
****Please video every candidate before sending, and ONLY send your top two people.
• End Client Name: CAI
• Location (if onsite/hybrid): Fully Remote
• Expected duration: Until end of year
• Required skills, experience, etc.- • Minimum of 5 years of Workday configuration experience, with at least 3 years focused on Workday Security administration and demonstrated experience across both Finance and HCM security domains
• Demonstrated experience redesigning Workday security models at enterprise scale, including role rationalization toward persona-based frameworks
• Deep working knowledge of Workday security constructs: domain security policies, business process security policies, security groups (user-based, role-based, aggregation, intersection), and security analysis tools
• Working knowledge of Workday HCM security domains, including Recruiting, Compensation, Time Tracking, and Absence, as well as Workday Finance security domains including spend category access and cost center-based routing
• Understanding of SOC 2 compliance requirements as they apply to Workday security, with ability to embed compliance controls throughout configuration
• Demonstrated awareness of how Workday security extends beyond the Workday tenant to support downstream consumers of Workday identity, role, and access data, including familiarity with SSO, identity provider integration, and federated access concepts
• Strong analytical and problem-solving skills with the ability to translate complex business access requirements into technical security configurations
• Excellent communication and collaboration skills with the ability to work effectively across functional teams and program stakeholders at all levels
• Highly self-motivated and able to work independently in a fully remote contract environment
• Interview process: 2 interviews with Client - 1 virtual technical interview with Recruiter, and 1 virtual with client
Job Description
Will format once I get finalized JD...
We are seeking an experienced Workday Security Developer with deep expertise in Workday HCM and Finance security to support our Workday transformation efforts spanning Finance, HR, and Reporting. This role combines deep Workday security expertise with hands-on integrations experience, recognizing the interdependency between security architecture and integration design. The developer will be responsible for evaluating the current security posture, designing a future-state role and domain framework, and ensuring that integrations are built and maintained against a clean, scalable security model. This is a contract, remote position through December 2026 with the possibility of extension.
What You’ll Do
Design, build, and test Workday security configurations across HCM and Finance domains, delivering a governed, persona-based security model
Design the Workday security model with awareness that Workday serves as the system of record for identity, role, and access data consumed by downstream boundary applications, analytics platforms, and integrated systems across the enterprise
Define how Workday roles, security groups, and worker attributes flow outward to support consistent provisioning, deprovisioning, and access governance across the broader application landscape
Lead the redesign of the Workday security model to address excessive access, role overlap, segregation of duties (SoD) gaps, and lack of clarity across business units
Design and configure user-based, role-based, and aggregation security groups aligned to the future-state operating model
Implement domain security policy and business process security policy changes, including controls aligned to SOC 2 Type 2 requirements
Configure compliance dashboards, scheduled security audit reports, and notifications to monitor Workday access, configuration changes, and data flow
Partner with Finance, HR, IT, and program stakeholders to gather security requirements, validate configurations, and communicate access design decisions clearly
Recommend security design choices that remain durable as agentic capabilities mature, including considerations for agent identities, agent permissions, human-in-the-loop approval models, and audit trails for agent-initiated actions
What You’ll Need
Required:
Minimum of 5 years of Workday configuration experience, with at least 3 years focused on Workday Security administration and demonstrated experience across both Finance and HCM security domains
Demonstrated experience redesigning Workday security models at enterprise scale, including role rationalization toward persona-based frameworks
Deep working knowledge of Workday security constructs: domain security policies, business process security policies, security groups (user-based, role-based, aggregation, intersection), and security analysis tools
Working knowledge of Workday HCM security domains, including Recruiting, Compensation, Time Tracking, and Absence, as well as Workday Finance security domains including spend category access and cost center-based routing
Understanding of SOC 2 compliance requirements as they apply to Workday security, with ability to embed compliance controls throughout configuration
Demonstrated awareness of how Workday security extends beyond the Workday tenant to support downstream consumers of Workday identity, role, and access data, including familiarity with SSO, identity provider integration, and federated access concepts
Strong analytical and problem-solving skills with the ability to translate complex business access requirements into technical security configurations
Excellent communication and collaboration skills with the ability to work effectively across functional teams and program stakeholders at all levels
Highly self-motivated and able to work independently in a fully remote contract environment
Preferred:
Workday Pro certification in Security
Workday Integration Pro or Workday Certified Integration Consultant certification
Experience supporting SOC 2 Type 2 audits or similar control environments
Familiarity with AI agent access control frameworks and how Workday security governance applies to emerging agentic use cases
Workday Pro certification in HCM Security or equivalent demonstrated expertise
Bachelor’s degree in Computer Science, Information Systems, or a related field is preferred
