Senior Business Systems Analyst - Workday Security

JOB SUMMARY

The Workday Security Business Analyst serves as security architect and administrator for Northeastern's Workday HCM, Payroll, and Finance platforms. This role manages the complete security lifecycle including role-based access control, security group configuration, and integration security while ensuring compliance with GLBA, SOX, and university data governance policies. The analyst partners with HR, Finance, and Payroll teams to balance robust security controls with operational efficiency, leading security initiatives that protect sensitive employee and financial data across the Workday ecosystem. This position offers the opportunity to shape enterprise security strategy while working with cutting-edge cloud ERP technology in a dynamic higher education environment. The successful candidate will join a collaborative ITS team committed to protecting university data while enabling institutional excellence.

24/7 business continuity:

This role requires occasional availability outside of traditional working hours to address urgent business needs as they arise, including, but not limited to, responding to security incidents, supporting software deployments, resolving software issues or system breaks, and addressing other critical operational requirements. The ideal candidate must be proactive and adaptable, ensuring minimal disruption to business operations by promptly addressing any issues, regardless of time or day. Flexibility and a strong sense of urgency are essential for success in this position.

Other duties as required:

This role requires flexibility in performing duties outside of the primary responsibilities to support evolving business needs. The ideal candidate must be adaptable and willing to take on additional tasks or projects as required, ensuring smooth operations across the organization. This may include stepping in to assist with cross-functional teams, handling unexpected challenges, or contributing to initiatives that support business growth and success. A proactive mindset and the ability to pivot quickly are essential for thriving in this dynamic environment.

Hybrid work schedule:

This role is hybrid and in the office three days a week to facilitate collaboration and teamwork. In-office presence is an essential part of our on-campus culture and allows for engaging directly with staff and students, sharing ideas, and contributing to a dynamic work environment. Being on-site allows for stronger connections, more effective problem-solving, and enhanced team synergy, all of which are key to achieving our collective goals and driving success.

**Applicants must be authorized to work in the United States. The University is unable to work sponsor for this role, now or in the future.

MINIMUM QUALIFICATIONS

Essential Qualifications

Education: Bachelor's degree in Information Security, Information Systems, Computer Science, or related field required.

Experience:

• 3-5 years of Workday security configuration and administration experience
• Demonstrated expertise with Workday HCM, Finance, and Payroll modules
• Background in higher education ERP systems strongly preferred
• Experience with Workday Student a plus

Technical Competencies:

• Expert knowledge of Workday security components: Security Groups, Domain Security, Business Process Security, Integration System Security
• Proficiency with Workday tools: EIBs, Calculated Fields, Custom Reports, BIRT, Workday Studio
• Understanding of authentication protocols (SAML, SSO, MFA) and API security
• Experience with Workday integration security (ISUs, Core Connectors, PICOF)

Required Skills

• Strong understanding of higher education business processes (academic, HR, finance)
• Excellent troubleshooting and problem-solving abilities
• Ability to manage multiple priorities in a fast-paced environment
• Strong documentation and communication skills
• Experience with change management and ITIL processes

Preferred Qualifications

• Workday Security Certification (HCM, Financials, or Student)
• Workday Pro or Partner certification
• Additional Workday module certifications (Absence, Benefits, Recruiting, Learning)
• Experience with Workday Adaptive Planning or PRISM Analytics security
• Knowledge of Workday Extend platform security
• CISSP, CISA, or similar security certification
• Experience with other higher education ERPs (Banner, PeopleSoft, Oracle)
• Familiarity with data privacy regulations (GDPR, CCPA)

KEY RESPONSIBILITIES & ACCOUNTABILITIES

Workday Security Administration

• Configure and maintain security groups, role assignments, and domain security policies
• Manage business process security and approval chains across all Workday modules
• Administer integration system users (ISUs) and maintain integration security protocols
• Configure and test security for Workday releases (bi-annual updates) and weekly service packs
• Maintain security workbooks and role mapping documentation
• Implement segregation of duties controls and monitor for violations
• Collaborate with functional teams (HR, Finance, Payroll, Student Services) on security requirements
• Lead security configuration sessions for new implementations and modules
• Partner with Identity Management team on provisioning and deprovisioning workflows
• Support union requirements and collective bargaining agreement security needs
• Facilitate security training for security partners and super users
• Manage security requests through ServiceNow or ticketing system

Security Analysis, Optimization, and Governance

Conduct regular security audits using Workday delivered audit reports and custom reporting

• Analyze user access patterns and optimize security group assignments
• Perform security impact analysis for new functionality and business process changes
• Develop security matrices for cross-functional processes
• Monitor and remediate security exceptions and inappropriate access
• Create security dashboards for leadership visibility
• Maintain GLBA compliance for financial data
• Support SOX controls for financial reporting security
• Document security configurations for internal and external audits
• Maintain security run books and disaster recovery procedures
• Support PCI compliance for payment-related processes