Apply on Employer Site

Workday · 7 months ago

Senior Cybersecurity Engineer - Network Security and Network Fundamentals

USA, VA, McLean

Full-time

Hybrid

Senior Level

$161K/yr - $242K/yr

7+ years exp

Workday is a leading AI platform for managing people, money, and agents, and they are seeking a Senior Cybersecurity Engineer with a strong network security background. The role involves designing and implementing security controls, developing automation, and collaborating with internal teams to enhance network security for U.S. Federal government contracts.

Artificial Intelligence (AI)Cloud ComputingEnterprise SoftwareHuman ResourcesSaaSSoftware

Comp. & Benefits

No H1B

U.S. Citizen Only

Responsibilities

Designing and implementing systems and security controls in production environments

Developing automation for deployment and validation tasks

Partnering with internal customers to drive projects forward

Researching new technologies and opportunities for improving how we operate

Qualification

Network designNetwork securityCloud securityTerraformWeb application firewallDDoS detectionRouting protocolsNetwork hardeningSecurity frameworksCollaborationCommunicationDocumentationProblem-solving

Required

7+ years of direct, technical experience related to network design in LAN/WAN, SDN, and cloud connected infrastructure along with network security, platform, or infrastructure security

2+ years crafting, deploying, and operating web application firewall controls (WAF)

Operational experience supporting DDoS detection, WAF, and IPS in a production environment

Expertise with Terraform, Go Lang or Python, Kubernetes operators and familiarity with using these and/or other tools to deliver consistent, scalable security solutions

Experience deploying infrastructure components, and application and network security systems in AWS and GCP

Extensive experience designing, implementing, and managing enterprise-scale networks (LAN/WAN, SDN, and cloud-connected infrastructures)

Deep knowledge of network security principles including firewalls, IDS/IPS, VPNs, NAC, and zero-trust architectures

Proficient with routing and switching protocols (BGP, OSPF, EIGRP), VLANs, load balancing, and high-availability design

Skilled in network hardening and threat mitigation, including vulnerability management, segmentation, and policy enforcement

Hands-on experience with security frameworks and compliance (NIST 800-53, ISO 27001, FedRAMP, DoD IL4/IL5)

Hands-on experience of the DoD's Boundary Cloud Access Point (BCAP) and onboarding SaaS and/or CSP technologies to the BCAP through authorized networking architectures and implementations

Proven understanding of public cloud network security concepts and hands-on experience documenting and implementing security controls of the same

Understanding of application, system, and security threats, attack techniques and mitigating controls in public cloud and containerized environments

Demonstrated experience designing, implementing, and maintaining network security