Key skills
AWSCloudDockerKubernetesLinuxPythonRubyTCP/IPGoBashAIAgenticGoogle CloudGitHubWorkdayCommunicationOWASP
About this role
Role Overview
- Perform security assessments and scale security at Workday
- Conduct vulnerability assessments against Workday applications, services, and networks
- Develop security automation and tools
- Research new threats and execute creative exploits
Requirements
- 8+ years of progressive experience in a similar role
- 3+ yrs of experience leading PenTests in one or more areas such as public cloud infrastructure (AWS, Google Cloud), modern web applications, enterprise network assessments, API testing, AI Agentic Redteaming
- 3+ yrs of experience with one or more scripting languages for automation (python, Go, Bash, Ruby, etc.)
- Understanding of modern security best practices such as OWASP Top 10 & MITRE ATT&CK framework
- Knowledge of networking & technology fundamentals and how to attack their weaknesses (TCP/IP stack, Linux, Docker, Kubernetes, Microservice architectures)
- Must have experience with Web Proxy such as BurpSuite, Zap or others
- Have one or more industry leading certifications (OSCP, CRTE, CRTO, ARTE, CPTS, etc.)
- Have Bug Bounty submissions experience or have independent research e.g. GitHub projects
- The ability to triage findings and work on remediation plans with partner teams
- Excellent written & verbal communication skills
Tech Stack
- AWS
- Cloud
- Docker
- Kubernetes
- Linux
- Python
- Ruby
- TCP/IP
- Go
Benefits
- Workday Bonus Plan
- Role-specific commission/bonus
- Annual refresh stock grants