Principal Cybersecurity Engineer - Enterprise Security Architect

1. Provide the best possible experience on our site
2. Collect statistics to optimize site functionality

Principal Cybersecurity Engineer - Enterprise Security Architect page is loaded

Apply remote type Flex locations USA, GA, Atlanta USA, VA, McLean USA, CO, Boulder USA, CO, Denver time type Full Time posted on Posted Yesterday time left to apply End Date: July 11, 2025 (16 days left to apply) job requisition id JR-0097827

Your work days are brighter here.

At Workday, it all began with a conversation over breakfast. When our founders met at a sunny California diner, they came up with an idea to revolutionize the enterprise software market. And when we began to rise, one thing that really set us apart was our culture. A culture which was driven by our value of putting our people first. And ever since, the happiness, development, and contribution of every Workmate is central to who we are. Our Workmates believe a healthy employee-centric, collaborative culture is the essential mix of ingredients for success in business. That’s why we look after our people, communities and the planet while still being profitable. Feel encouraged to shine, however that manifests: you don’t need to hide who you are. You can feel the energy and the passion, it's what makes us unique. Inspired to make a brighter work day for all and transform with us to the next stage of our growth journey? Bring your brightest version of you and have a brighter work day here.

At Workday, we value our candidates’ privacy and data security. Workday will never ask candidates to apply to jobs through websites that are not Workday Careers.

Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not.

In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.

About the Team

Workday’s Cybersecurity & Trust organization exists to inspire confidence and trust in Workday. We safeguard the personal information of 60+ million people and the financial information of some of the largest companies in the world. Cybersecurity is woven into the fabric of Workday and is core to everything we do. We cultivate a security-first mentality and believe that moving with speed and velocity is enabled by building security into the foundation.
The Workday Information Security Organization supports Workday’s critical Business Technology team by providing security risk review and partnership into enterprise efforts around infrastructure, data & analytics, and core enterprise applications. Through this work, the team delivers security architecture assessments, technical recommendations, security tool configuration management, policy and standard support, and overall security partnership to the CIO office.

About the Role

Do you have a passion for enterprise security architecture and artificial intelligence?

Workday is seeking an experienced enterprise security architect to lead the design and innovation of secure enterprise cloud, application and AI security architectures, integrating advanced technologies to protect against evolving threats while enabling business agility and growth. This role involves collaborating with cross-functional teams to design and drive the secure architecture of cloud-based application and AI services models, addressing potential threats+mitigations, and maintaining compliance with regulatory standards where applicable. The ideal candidate will have a strong background in enterprise-focused application security, AI technologies and cloud platforms, in addition to secure architecture, security principles and cybersecurity best practices. The architect will report to the Director of Security Engineering, and maintain strong working relationships across security, Business Technology and application development leadership.

• Secure Architecture Design: Define and maintain enterprise-wide security architecture standards and blueprints across infrastructure, cloud, endpoint, application and AI layers. Ensure solutions are securely designed and aligned with business goals, regulatory requirements, and the CISO’s strategic objectives.

• Solution Reviews and Advisory: Provide expert guidance during solution design and implementation. Lead threat modeling, architecture reviews, and risk assessments as part of technical intake and governance processes.

• Cross-Functional Engagement: Serve as the security subject matter expert within project and development teams. Partner with Security, Infrastructure, Application Development, and Business Technology teams to ensure secure integration and alignment of technical requirements.

• Security Standards and Frameworks: Develop and maintain reference architectures, secure configuration standards, and solution patterns. Ensure consistency with frameworks such as NIST, FedRAMP, and GDPR.

• Cloud and SaaS Security Enablement: Lead secure design of cloud-native and SaaS platforms, including IaaS and PaaS. Collaborate with Cloud Engineering and DevOps to implement secure-by-design deployment practices.

• Innovation and Strategic Foresight: Stay ahead of evolving threats and technology trends. Contribute to the long-term security architecture roadmap by identifying opportunities to improve the organization’s security posture.

• Collaborate with DevOps teams to drive security requirements, threat modeling practices and embedded security principles, standards and architecture blueprints into CI/CD pipelines

• Recommend strategies, requirements and security best practices across applications, API, cloud platform and data security.

About You

Basic Qualifications

• 10-plus years enterprise security program experience with a combination of technical architecture and engineering roles within cybersecurity, cloud security and AI.

• Experience with Large Language Model (LLM) security including attack techniques and mitigation methods for LLMs, AI guardrails, model training risks and mitigations, general AI/ML security, data poisoning prevention, prompt injection guardrails, and privacy-preserving techniques

• Familiarity with cloud platforms (AWS, Azure, GCP) and automation tools (Terraform, Ansible, Kubernetes)

• Knowledgeable in Amazon Bedrock, OpenAI APIs, Langchain, or similar AI model platforms

• Proven use with zero trust architecture patterns, secure access controls, enterprise application security, data protection, vulnerability management, API security.

• Strong understanding of compliance standards and regulatory frameworks incl. but not limited to: NIST and FedRAMP frameworks

Other Qualifications
- Excellent communication, leadership, and collaboration skills, with the ability to mentor others and influence stakeholders at all levels, driving organizational change.
- Experience crafting and operating large scale security solutions and tackling problems through innovation
- Advanced knowledge of containerization technologies (Kubernetes, Docker) and microservices security.
- Strong understanding of DevSecOps practices and experience integrating security into development and operations processes.

- 3+ years of experience in a team lead role, overseeing cross-functional security programs and engaging with executive leadership.

Workday Pay Transparency Statement

The annualized base salary ranges for the primary location and any additional locations are listed below. Workday pay ranges vary based on work location. As a part of the total compensation package, this role may be eligible for the Workday Bonus Plan or a role-specific commission/bonus, as well as annual refresh stock grants. Recruiters can share more detail during the hiring process. Each candidate’s compensation offer will be based on multiple factors including, but not limited to, geography, experience, skills, job duties, and business need, among other things. For more information regarding Workday’s comprehensive benefits, please click here .

Primary Location: USA.GA.AtlantaPrimary Location Base Pay Range: $173,600 USD - $260,400 USDAdditional US Location(s) Base Pay Range: $164,900 USD - $288,000 USDIf performed in Colorado, the pay range for this job is $173,600 - $260,400 USD based on min and max pay range for that role if performed in CO.If performed in Colorado, the pay range for this job is $173,600 - $260,400 USD based on min and max pay range for that role if performed in CO.

The application deadline for this role is the same as the posting end date stated as below:

07/11/2025

Our Approach to Flexible Work

With Flex Work, we’re combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter.

Pursuant to applicable Fair Chance law, Workday will consider for employment qualified applicants with arrest and conviction records.

Workday is an Equal Opportunity Employer including individuals with disabilities and protected veterans.

Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!

Join our talent community and receive the latest Workday news, content, and be first in line for new job opportunities.

With Flex Work, we’re combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter.

At Workday, our employees have always been our number one Core Value. We understand that everyone has unique experiences and perspectives which is why our mission is to create a safe space where all people and ideas are welcomed. Our commitment to value inclusion, belonging, and equity (VIBE) and creating a brighter workday for all is the cornerstone of all we do. Join us!

Workday is a leading provider of enterprise cloud applications for finance and human resources. Founded in 2005, Workday delivers financial management, human capital management, and analytics applications designed for the world's largest companies, educational institutions, and government agencies. Organizations ranging from medium-sized businesses to Fortune 50 enterprises have selected Workday.

Workday is proud to be an equal opportunity workplace. Individuals seeking employment at Workday are considered without regards to age, ancestry, color, gender (including pregnancy, childbirth, or related medical conditions), gender identity or expression, genetic information, marital status, medical condition, mental or physical disability, national origin, protected family care or medical leave status, race, religion (including beliefs and practices or the absence thereof), sexual orientation, military or veteran status, or any other characteristic protected by federal, state, or local laws.

Further, pursuant to applicable local ordinances, Workday will consider for employment qualified applicants with arrest and conviction records.

We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us.

Workday is committed to providing reasonable accommodations for qualified individuals with disabilities, disabled veterans, and others during our application process. If you need assistance or an accommodation due to a disability or for religious reasons, contact us at accommodations@workday.com .

At Workday, we value our candidates’ privacy and data security. Workday will never ask candidates to apply to jobs through websites that are not Workday Careers.

Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not.

In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.