Cybersecurity Engineer
Indexed description
About The Team
The Network Security team delivers innovative solutions to sophisticated challenges, serving as a critical component of the Workday Cybersecurity and Trust organization's mission to ensure the security and safety of Workday customers, users, and their data. We design, build, and operate critical security controls for customer data environments, overcoming constantly shifting — and exciting — technical challenges to ensure trust in the Workday service.
Our team is responsible for operating the systems and controls that we build, advising other Workday business units on ways to securely implement services and infrastructure, and partnering with our information security team to ensure policy compliance and address gaps. We operate data centers and cloud environments across the globe and are constantly improving our network security posture and capabilities.
Over the next year, we are focused on delivering scalable network security controls such as web application firewalls for customer data environments, improving platform resilience and the consistency of security controls across the enterprise, and leveraging AI and agents to accelerate how we deliver effective solutions for all of Workday's customers.
Our team is spread across the US and EU, and though we connect mostly virtually, we love sharing in each other's successes, celebrating wins, and embracing fun with informal team meetings and activities. We genuinely enjoy getting to know each other beyond our technical skills — because great work is even better when you're part of a great team.
About The Role
As a Cybersecurity Engineer on the Network Security team, you will help design, implement, and operate the network security controls that protect Workday's customer data environments across AWS, GCP, and private cloud. You will contribute to the engineering of scalable security solutions, help automate controls, and partner with senior engineers to strengthen our security posture across a global, multi-cloud footprint.
You will grow your expertise in cloud-native security controls, network security tooling, and automation while collaborating closely with partners across Cybersecurity, Infrastructure, and Product and Technology.
In this role, you will be responsible for:
- Design and Implementation: Contribute to the design and implementation of network security controls, patterns, and templates across AWS, GCP, and private cloud under the guidance of senior engineers.
- Automation and Tooling: Build and enhance scripts and automation (e.g., Terraform, Python, Go) to support continuous monitoring and enforcement of expected network security posture at scale. Leverage agentic and AI/ML build capabilities to streamline processes, prevent errors, and enhance troubleshooting capabilities.
- Security Assessment: Participate in reviews of production infrastructure designs, helping identify network security requirements and risks, and assist in performing network security assessments.
- Collaboration and Standards: Partner with Cybersecurity and Trust teams to implement policies, standards, and guidelines aligned with industry best practices (e.g., CIS, NIST, FedRAMP), and help drive consistent control enforcement against those standards.
- Operational Support: Help operate and maintain critical security infrastructure, including DDoS detection, WAF, and firewall controls (appliances and cloud-native) in production environments, including participating in an on-call rotation as needed.
- Continuous Improvement: Contribute to efforts that improve platform resilience, increase consistency of controls across environments, and leverage AI and agentic capabilities to streamline security operations.
- 5+ years of experience in network security engineering, network security operations, or closely related cybersecurity roles
- Hands-on experience deploying or operating network security controls in AWS and/or GCP, including one or more cloud-native security controls (e.g., AWS Network Firewall, WAF, GCP Cloud Armor)
- Proficiency in at least one scripting or programming language (such as Python or Go) and experience with infrastructure-as-code or automation tooling (such as Terraform, Ansible, or Consul)
- Working knowledge of public cloud environments (AWS and/or GCP), including core networking concepts (VPCs, subnets, security groups, routing, load balancing) and an ability to apply security best practices to cloud network designs with guidance from senior engineers.
- Experience working with security platforms such as firewalls and web application firewalls (WAF), including configuring rules or policies, reviewing logs, and helping troubleshoot security or availability issues in partnership with more senior team members.
- Solid foundation in information security, including familiarity with common application, system, and network security threats, attack techniques, and standard mitigating controls, and an interest in deepening knowledge of security policies and regulatory expectations.
- Hands-on security engineering experience implementing secure network patterns, integrating security controls into infrastructure and pipelines, and contributing to incident investigation and remediation activities.
- Mindset aligned with security by design, including incorporating security needs into design discussions, assisting with risk assessments, and helping ensure that systems are built and maintained with resilience and recovery in mind.
- Practical experience using AI-assisted tools (for example, code assistants, security copilots, or agents) and automation (e.g., Python, Go, Terraform, or similar) to streamline investigations, reduce repetitive work, and improve the consistency of control implementation and troubleshooting.
- Experience supporting DDoS detection, IPS/IDS, or similar detection platforms, including participating in incident triage, tuning rules or signatures, and on-call support with direction from senior engineers.
- Exposure to security standards and frameworks such as CIS, NIST, or FedRAMP, and the ability to help map day-to-day engineering tasks to these guidelines under the guidance of more experienced teammates.
- Organized, methodical troubleshooter who documents steps taken, contributes to team runbooks and playbooks, and seeks to turn one-time fixes into repeatable solutions.
- Strong written and verbal communication skills, with the ability to collaborate effectively on a distributed team and build positive working relationships across engineering, operations, and security partners. This includes the ability to communicate effectively asynchronously across different time zones.
Primary Location Base Pay Range: €70,200 EUR - €105,400 EUR Ireland
Our Approach to Flexible Work
With Flex Work, we’re combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter.
Pursuant to applicable Fair Chance law, Workday will consider for employment qualified applicants with arrest and conviction records.
Workday is an Equal Opportunity Employer including individuals with disabilities and protected veterans.
At Workday, we are committed to providing an accessible and inclusive hiring experience where all candidates can fully demonstrate their skills. If you require assistance or an accommodation at any point, please email [email protected].
Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!
At Workday, we value our candidates’ privacy and data security. Workday will never ask candidates to apply to jobs through websites that are not Workday Careers.
Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not.
In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.
,
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search