Your work days are brighter here.

At Workday, it all began with a conversation over breakfast. When our founders met at a sunny California diner, they came up with an idea to revolutionize the enterprise software market. And when we began to rise, one thing that really set us apart was our culture. A culture which was driven by our value of putting our people first. And ever since, the happiness, development, and contribution of every Workmate is central to who we are. Our Workmates believe a healthy employee-centric, collaborative culture is the essential mix of ingredients for success in business. That’s why we look after our people, communities and the planet while still being profitable. Feel encouraged to shine, however that manifests: you don’t need to hide who you are. You can feel the energy and the passion, it's what makes us unique. Inspired to make a brighter work day for all and transform with us to the next stage of our growth journey? Bring your brightest version of you and have a brighter work day here.

At Workday, we value our candidates’ privacy and data security.  Workday will never ask candidates to apply to jobs through websites that are not Workday Careers. 

  

Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not.

  

In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.

About the Team

Workday has launched Workday Government, a new wholly owned subsidiary dedicated to serving the U.S. Government. As a leading provider of enterprise cloud applications for finance and human resources, we are committed to delivering secure, compliant, and innovative solutions that meet the stringent requirements of the public sector and accelerate modernization efforts.

About the Role

This role will support one or more direct or indirect contracts with the U.S. Federal Government which, due to federal government security requirements, mandates that all Workday personnel working on the contracts be United States citizens (naturalized or native).

As the Senior Director, Security Operations Center for Workday Government, you will be a leader responsible for building, architecting, and continuously maturing a federal-compliant SOC from the ground up. Your main focus will be on ensuring our operational environments, products, and services meet and exceed the most stringent security, compliance, and resilience requirements of our federal government clients.

This role requires a hands-on leader with a deep understanding of federal cybersecurity frameworks and regulations. You will be instrumental in selecting and implementing security tools, defining secure operational playbooks, establishing robust monitoring processes, and ensuring unwavering adherence to federal reporting requirements. You will build and lead a high-performing team, fostering a culture of excellence, proactive threat hunting, and rapid incident response in highly sensitive environments.

Key Responsibilities

Lead and direct all aspects of federal-focused SOC operations, including:

SOC Architecture & Establishment:

Architect, establish, and continuously mature a federal-compliant Security Operations Center (SOC) from its foundational stages.

Lead the selection, implementation, and integration of a comprehensive suite of security tools, including SIEM, EDR/XDR, SOAR, threat intelligence platforms, and vulnerability management systems.

Develop and implement operational playbooks, standard operating procedures (SOPs), and runbooks for alert triage, incident analysis, containment, and recovery, specifically tailored for federal compliance.

Ensure the SOC capabilities are optimized for federal compliance, including offline log analysis and secure data handling procedures.

Federal Compliance & Risk Management:

Ensure all SOC operations and tools are fully compliant with relevant federal cybersecurity frameworks and regulations (e.g., FISMA, FedRAMP, NIST 800-53/800-171, and CMMC).

Establish and manage robust monitoring processes to detect and report on security events and incidents in accordance with federal mandates and service-level agreements (SLAs).

Develop and oversee the process for timely and accurate reporting of security incidents to government customers and regulatory bodies as required.

Provide support for FedRAMP authorization processes and assist in obtaining and maintaining Authority to Operate (ATO) for Workday Government offerings.

Lead and manage SOC-related audits and assessments by third-party or government agencies (e.g., GAO, DoD IG, DHS).

Cyber Defense & Incident Response (Federal Focus):

Oversee the development, implementation, and rigorous testing of federal-specific incident response and threat management plans.

Direct comprehensive threat intelligence gathering and analysis pertinent to the federal landscape, proactively identifying and mitigating emerging threats, vulnerabilities, and nation-state actor activities.

Coordinate with US-CERT, CISA, and government customers during major security incidents.

Maintain playbooks and conduct red team/blue team exercises to test and refine SOC capabilities.

Ensure that all cyber defense activities align with federal regulations, including FISMA/NIST SP 800-61.

Team & Capability Building:

Recruit, build, and lead a high-performing, dedicated federal cybersecurity team focused on SOC functions.

Provide hands-on technical guidance and expertise to the team, particularly during incident response and complex problem-solving.

Mentor and develop cybersecurity professionals, fostering an environment of continuous learning and technical excellence tailored for federal security challenges.

About You

Basic Qualifications

10+ years of progressive leadership experience in cybersecurity, with at least 5+ years in a senior leadership role managing a Security Operations Center or similar function.

Experience in architecting, building, and scaling a SOC from the ground up, with a clear focus on federal compliance.

Extensive hands-on and strategic knowledge of federal cybersecurity frameworks and regulations, including NIST SP 800-53, FISMA, and FedRAMP.

Experience obtaining and maintaining government security clearances at the TS/SCI - Counterintelligence Scope Polygraph level.

Experience designing, implementing, and operating security programs within secure network environments, including air-gapped and cross-domain solution (CDS) architectures.

Other Qualifications:

Deep technical and operational understanding of cloud security principles and best practices for highly sensitive federal data.

Proven ability to manage and lead security incident response for federal environments.

Excellent communication and interpersonal skills, with a proven ability to engage effectively with senior government officials, executives, and technical teams.

Certifications:

CISSP, CISM, or similar executive-level security certifications are highly desirable.

Relevant federal-specific certifications (e.g., FedRAMP 3PAO experience, DoD 8570/8140 compliance, CMMC Assessor) are a plus.

Desired Attributes:

Hands-On Leader: A leader who is not afraid to dive into technical details and actively contribute to problem-solving, while also guiding the team strategically.

Results-Oriented: A proven track record of delivering measurable security improvements and successful accreditation outcomes in complex federal environments.

Problem Solver: Superior analytical and critical thinking skills to address intricate security challenges and make sound, timely decisions.

Adaptable & Resilient: Thrives in a dynamic, high-stakes environment, demonstrating composure and leadership during crisis situations.

Workday Pay Transparency Statement

The annualized base salary ranges for the primary location and any additional locations are listed below.  Workday pay ranges vary based on work location. As a part of the total compensation package, this role may be eligible for the Workday Bonus Plan or a role-specific commission/bonus, as well as annual refresh stock grants. Recruiters can share more detail during the hiring process. Each candidate’s compensation offer will be based on multiple factors including, but not limited to, geography, experience, skills, job duties, and business need, among other things. For more information regarding Workday’s comprehensive benefits, please click here.

Primary Location: USA.VA.McLean (Tyson's Corner)

 

Primary Location Base Pay Range: $260,400 USD - $390,600 USD

 

Additional US Location(s) Base Pay Range: $235,600 USD - $414,000 USD

Our Approach to Flexible Work
 

With Flex Work, we’re combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter.

Pursuant to applicable Fair Chance law, Workday will consider for employment qualified applicants with arrest and conviction records.

Workday is an Equal Opportunity Employer including individuals with disabilities and protected veterans.

Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!