Apply on Employer Site

Workday · 14 hours ago

System Owner-Boundary Compliance Owner - US Federal

McLean, VA

Full-time

Hybrid

Senior Level

$139K/yr - $208K/yr

7+ years exp

Workday is a Fortune 500 company and a leading AI platform for managing people, money, and agents. They are seeking a System Owner for their federal information system, responsible for the lifecycle of information systems and compliance boundaries, ensuring security and efficiency while coordinating across multiple teams.

Artificial Intelligence (AI)Cloud ComputingEnterprise SoftwareHuman ResourcesSaaSSoftware

Comp. & Benefits

No H1B

U.S. Citizen Only

Responsibilities

Boundary Health, Risk & Cross-Functional Stewardship

Holistic Boundary Ownership: Serve as the single point of accountability for the overall health and compliance status of the assigned boundary

Risk Aggregation and Mitigation: Identify, document, and socialize systemic, long-term risks related to architecture, technical debt, and control decay within your specific boundary

System Health & Security Posture: Define and monitor long-term health metrics for the boundary, integrating data from SOC rules, Vulnerability Management, Incident Response, and Configuration Management to assess overall systemic risk

Compliance Control Assurance: Ensure all compliance controls relevant to the boundary (e.g., NIST 800-53 controls) are implemented, continuously monitored, and architecturally sustainable

Compliance Artifact Tracking: Track, prioritize and raise exceptions for the creation, maintenance, and audit readiness of all necessary compliance artifacts for the assigned boundary (e.g., System Security Plan (SSP), POA&Ms, Control Implementation Details)

Future-Proofing & Strategic Planning

AI and New SKU Readiness: Proactively assess the impact of Artificial Intelligence (AI) features, machine learning models, and new Product SKUs coming into the environment. Define the necessary architectural modifications and compliance controls to safely and securely integrate these future capabilities into the boundary

Vulnerability Trajectory Ownership: Own the strategic direction for reducing the long-term vulnerability surface area within the boundary, guiding functional teams on architectural dependencies and risk prioritization unique to your system

Cloud Cost Efficiency: Collaborate with the Engineering team to analyze and optimize cloud infrastructure costs within the boundary, ensuring security requirements are met in the most fiscally responsible manner

Core Workday Product and Technology: Interface with core Workday engineering and product teams as well as Security teams to ensure base product capabilities are designed to be compliant and deployable within your restricted government environment

Qualification

Security EngineeringU.S. Government complianceCloud architectureAI/ML integrationCommunication skills

Required

7+ years of experience in Security Engineering, Security Architecture, or a Compliance-focused role within a cloud or SaaS environment

5+ years of direct experience with U.S. Government compliance frameworks such as FedRAMP (Moderate/High), DoD IL4/IL5/IL6, NIST RMF, or ICD-503

Proven ability to own and drive large-scale, multi-year architectural and security roadmaps for a single, complex system

Deep understanding of cloud architecture AWS, Azure, GCP and how security controls are implemented at scale

Experience integrating future technologies (e.g., AI/ML systems) into regulated, high-security environments

Excellent communication skills with the ability to articulate complex, multi-faceted technical risk across all domains (architecture, operations, cost) to executive leadership