Senior Workday Security Administrator

Overview

The Senior Workday Security Administrator plays a critical role in maintaining the integrity, confidentiality, and compliance of Dana-Farber Cancer Institute’s (DFCI) enterprise applications with a focus on Workday and UKG. This role is responsible for the design, implementation, and ongoing administration of security configurations, access controls, and audit processes across human capital, financial, and supply chain systems. The Senior Workday Security Administrator ensures user access is managed appropriately, sensitive employee data is safeguarded, and compliance requirements—including audit and regulatory standards—are consistently met. This role requires a deep understanding of Workday security administration and business processes, strong attention to detail, and a proactive approach to identifying and mitigating security risks.

This is an exciting time to join the DFCI Business Applications team as we drive critical digital transformation initiatives that power our entire organization. With cutting-edge platforms like Workday and UKG at the core, the team is shaping the future of how business processes and technology intersect. There’s a unique opportunity to influence key enterprise systems, lead innovation in automation and integrations, and collaborate across diverse teams to deliver high-impact solutions. Join us to be part of a dynamic, fast-growing environment where your expertise directly accelerates organizational success and growth.

Located in Boston and the surrounding communities, Dana-Farber Cancer Institute is a leader in life changing breakthroughs in cancer research and patient care. We are united in our mission of conquering cancer, HIV/AIDS and related diseases. We strive to create an inclusive, diverse, and equitable environment where we provide compassionate and comprehensive care to patients of all backgrounds, and design programs to promote public health particularly among high-risk and underserved populations. We conduct groundbreaking research that advances treatment, we educate tomorrow's physician/researchers, and we work with amazing partners, including other Harvard Medical School-affiliated hospitals.

Responsibilities

Security Configuration and Maintenance

• Design and configure security roles and permissions in Workday and UKG to ensure appropriate user access.
• Regularly review and update security roles based on business needs and platform updates.

User Access Management

• Oversee timely provisioning and de-provisioning of user access rights with role-based access controls (RBAC).
• Conduct regular access reviews and recertifications to maintain compliance.

Compliance and Auditing

• Perform audits of security configurations and user access to meet organizational and regulatory standards.
• Maintain audit logs and reports for internal and external review.
• Incident Response and Resolution
• Monitor systems for security incidents and investigate suspicious activities.
• Coordinate with Information Security teams to resolve incidents and document lessons learned.

Policy Development and Documentation

• Develop and maintain security policies, procedures, and guidelines for Workday and UKG.
• Create and update comprehensive documentation for security processes and protocols.

Training and User Support

• Provide training on security best practices and platform-specific security features.
• Deliver security awareness programs and assist users with security-related issues.

Collaboration and Continuous Improvement

• Partner with departments to align security configurations with business goals.
• Stay current on platform updates, security trends, and participate in community forums for ongoing skill development.

Qualifications

• Bachelor’s degree required in a relevant field.
• 5 years of Workday experience, including 3 years in a dedicated security role.
• Hands-on experience configuring Workday Security Groups, Domain/Business Process policies, and user provisioning workflows.
• Experience supporting multiple Workday modules (e.g., HCM, Finance, Payroll, Time).
• Familiarity with compliance and audit standards (e.g., SOX, HIPAA, GDPR).
• Experience with Workday Prism, Adaptive Planning, and/or Extend from a security perspective.
• Experience working in regulated industries (e.g., healthcare, higher ed, or financial services) strongly preferred.
• Workday certification a plus.

KNOWLEDGE, SKILLS, AND ABILITIES REQUIRED:

• Proficiency in configuring and managing Workday Security Groups (e.g., Role-Based, User-Based).
• Expertise in managing Domain Security Policies and Business Process Security Policies.
• Ability to perform Security Audits and User Access Reviews within Workday.
• Proficiency in Workday Report Writer and Calculated Fields.
• Experience with Security Configuration Migration using Workday Object Transporter (OOT).
• Knowledge of Segregation of Duties (SoD) principles and their implementation within Workday.
• Proficiency in Workday User Provisioning and De-Provisioning processes.
• Understanding of Workday Security Compliance requirements (e.g., GDPR, SOX).
• Strong analytical and problem-solving skills.
• Excellent communication skills for explaining complex security concepts to non-technical stakeholders.
• Detail-oriented with a proactive approach to identifying and mitigating risks.
• Ability to work independently and collaboratively.

At Dana-Farber Cancer Institute, we work every day to create an innovative, caring, and inclusive environment where every patient, family, and staff member feels they belong. As relentless as we are in our mission to reduce the burden of cancer for all, we are committed to having faculty and staff that offer multifaceted experiences. Cancer knows no boundaries and when it comes to hiring the most dedicated and diverse professionals, neither do we. If working in this kind of organization inspires you, we encourage you to apply.

Dana-Farber Cancer Institute is an equal opportunity employer and affirms the right of every qualified applicant to receive consideration for employment without regard to race, color, religion, sex, gender identity or expression, national origin, sexual orientation, genetic information, disability, age, ancestry, military service, protected veteran status, or other characteristics protected by law.