Director, Government Care Management

Were obsessed with making hard work pay off, for our people, our customers, and the world around us. As a Fortune 500 company and a leading AI platform for managing people, money, and agents, were shaping the future of work so teams can reach their potential and focus on what matters most. Were in this together, tackling big challenges with bold ideas and genuine care. Whether you're building smarter solutions, supporting customers, or creating a space where everyone belongs, youll do meaningful work with Workmates whove got your back. In return, well give you the trust to take risks, the tools to grow, the skills to develop and the support of a company invested in you for the long haul. So, if you want to inspire a brighter work day for everyone, including yourself, youve found a match in Workday, and we hope to be a match for you too.
Workday has launched Workday Government, a new wholly owned subsidiary dedicated to serving the U.S. Government. As a leading provider of enterprise cloud applications for finance and human resources, we are committed to delivering secure, compliant, and innovative solutions that meet the stringent requirements of the public sector and accelerate modernization efforts.
Federal Government which, due to federal government security requirements, mandates that all Workday personnel working on the contracts be United States citizens (naturalized or native).
As the Director, Security Operations Center (SOC) Cybersecurity for Workday Government, you will be a leader responsible for building, architecting, and continuously maturing a federal-compliant SOC from the ground up. Your main focus will be on ensuring our operational environments, products, and services meet and exceed the most stringent security, compliance, and resilience requirements of our federal government clients.
This role requires a hands-on leader with a deep understanding of federal cybersecurity frameworks and regulations. You will be instrumental in selecting and implementing security tools, defining secure operational playbooks, establishing robust monitoring processes, and ensuring unwavering adherence to federal reporting requirements. Lead and direct all aspects of federal-focused SOC operations, including:
Architect, establish, and continuously mature a federal-compliant Security Operations Center (SOC) from its foundational stages.
Lead the selection, implementation, and integration of a comprehensive suite of security tools, including SIEM, EDR/XDR, SOAR, threat intelligence platforms, and vulnerability management systems.
Develop and implement operational playbooks, standard operating procedures (SOPs), and runbooks for alert triage, incident analysis, containment, and recovery, specifically tailored for federal compliance.
Ensure the SOC capabilities are optimized for federal compliance, including offline log analysis and secure data handling procedures.
Federal Compliance & Risk Management:
Ensure all SOC operations and tools are fully compliant with relevant federal cybersecurity frameworks and regulations (e.g., Establish and manage robust monitoring processes to detect and report on security events and incidents in accordance with federal mandates and service-level agreements (SLAs).
Develop and oversee the process for timely and accurate reporting of security incidents to government customers and regulatory bodies as required.
Provide support for FedRAMP authorization processes and assist in obtaining and maintaining Authority to Operate (ATO) for Workday Government offerings.
Lead and manage SOC-related audits and assessments by third-party or government agencies (e.g., Cyber Defense & Incident Response (Federal Focus):
Oversee the development, implementation, and rigorous testing of federal-specific incident response and threat management plans.
Direct comprehensive threat intelligence gathering and analysis pertinent to the federal landscape, proactively identifying and mitigating emerging threats, vulnerabilities, and nation-state actor activities.
Coordinate with US-CERT, CISA, and government customers during major security incidents.
Ensure that all cyber defense activities align with federal regulations, including FISMA/NIST SP 800-61.
Team & Capability Building:
Recruit, build, and lead a high-performing, dedicated federal cybersecurity team focused on SOC functions.
Mentor and develop cybersecurity professionals, fostering an environment of continuous learning and technical excellence tailored for federal security challenges.
10+ years of progressive leadership experience in cybersecurity, with at least 5+ years in a senior leadership role managing a Security Operations Center or similar function.
~ Experience in architecting, building, and scaling a SOC from the ground up, with a clear focus on federal compliance.
~ Extensive handson and strategic knowledge of federal cybersecurity frameworks and regulations, including NIST SP 800-53, FISMA, and FedRAMP.
~ Experience obtaining and maintaining government security clearances at the TS/SCI - Counterintelligence Scope Polygraph level.
~ Experience designing, implementing, and operating security programs within secure network environments, including airgapped and crossdomain solution (CDS) architectures.

Deep technical and operational understanding of cloud security principles and best practices for highly sensitive federal data.
Proven ability to manage and lead security incident response for federal environments.
Excellent communication and interpersonal skills, with a proven ability to engage effectively with senior government officials, executives, and technical teams.
CISSP, CISM, or similar executive-level security certifications are highly desirable.
Workday Pay Transparency Statement
Workday pay ranges vary based on work location. As a part of the total compensation package, this role may be eligible for the Workday Bonus Plan or a rolespecific commission/bonus, as well as annual refresh stock grants. For more information regarding Workdays comprehensive benefits, please click here.
Our Approach to Flexible Work
With Flex Work, were combining the best of both worlds: inperson time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days inoffice each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means youll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote home office roles also have the opportunity to come together in our offices for important moments that matter.