WORKDAY SECURITY ANALYST III

At Moffitt Cancer Center, we strive to be the leader in understanding the complexity of cancer and applying these insights to contribute to the prevention and cure of cancer. Our diverse team of over 9,000 are dedicated to serving our patients and creating a workspace where every individual is recognized and appreciated. For this reason, Moffitt has been recognized on the 2023 Forbes list of America’s Best Large Employers and America’s Best Employers for Women, Computerworld magazine’s list of 100 Best Places to Work in Information Technology, DiversityInc Top Hospitals & Health Systems and continually named one of the Tampa Bay Time’s Top Workplace. Additionally, Moffitt is proud to have earned the prestigious Magnet® designation in recognition of its nursing excellence. Moffitt is a National Cancer Institute-designated Comprehensive Cancer Center based in Florida, and the leading cancer hospital in both Florida and the Southeast. We are a top 10 nationally ranked cancer center by Newsweek and have been nationally ranked by U.S. News & World Report since 1999.
Working at Moffitt is both a career and a mission: to contribute to the prevention and cure of cancer. Join our committed team and help shape the future we envision.

Summary

Workday Security Analyst III

Position Highlights:

• The Workday Security Analyst III is responsible for leading security processes, governance, and oversight across Workday and related platforms (UKG, Hyland OnBase). This role ensures that security practices align with organizational goals, regulatory requirements, audit standards, SOX and data privacy compliance controls.
• The Workday Security Analyst III serves as the primary escalation point for Workday security analysts, provides coaching and guidance, and acts as a trusted advisor to leadership on risk mitigation and security strategy.
• This role maintains a dotted-line relationship to influence and mentor analysts and to support development and performance feedback.

Responsibilities:

• Serve as a trusted advisor to leadership on security strategy, risk mitigation, and compliance.
• Contribute to technical roadmap meetings to embed security standards into new features and integrations.
• Monitor emerging threats and recommend proactive enhancements to strengthen Workday security posture.
• Provide guidance, coaching, and feedback to Security Analysts on best practices, technical approaches, and issue resolution.
• Mentor and guide Security Analysts across both Governance/Policy and Operations tracks.
• Maintain a dotted-line relationship with Security Analysts: provide input and influence performance without direct management authority.
• Define and maintain role-based access control, separation of duties, and domain/business process security.
• Design and maintain enterprise security architecture for Workday, UKG, Hyland OnBase and other supported platforms.
• Align Workday security groups with the organization’s identity access management tools (e.g., SailPoint).
• Ensure sensitive data (e.g., SSNs, compensation) is masked or restricted according to policy.
• Ensure Workday roles do not violate separation of duties.
• Collaborate with technical and business stakeholders to ensure secure system design and access controls.
• Lead security governance, role-change approvals, and SOX/privacy compliance controls.
• Develop and enforce security policies, standards, and governance frameworks.
• Oversee security audits, assessments, and readiness for internal and external compliance requirements.
• Support audit processes by providing Workday access logs, while cybersecurity performs cross-system audits.
• Ensure security practices align with organizational goals and regulatory standards.
• Lead incident response planning, investigation, and resolution for Workday-related security events.
• Manage oversight of Workday roles and assignments, while cybersecurity manages enterprise-wide roles.
• Work with cybersecurity to monitor suspicious activity within Workday.
• Serve as the primary escalation point for Workday security analysts on complex or high-risk issues.
• Lead the execution and oversight of Workday security processes, ensuring compliance with governance and audit requirements.

Credentials and Experience:

• Bachelor’s degree: field of study – Information Security, Computer Science or a related field   
• Workday Security Certification (within 9 months of hire)
• 5 years of experience in enterprise security roles, including architecture, policy, and incident management.
• Prior Workday Security experience to include minimum of 3 years hands on with progressive responsibilities.
• Proven experience designing and implementing security frameworks across cloud-based enterprise applications.