Security Analyst - Workday Contract Position)

Number of Positions: 1 Duration: 10 months initial contract

Location: Mississauga, ON, CA

Must be eligible to work in Canada

Hybrid position, occasionally onsite in Mississauga ON as needed

Roles and responsibilities:

The Security analyst needs to have strong Workday experience, worked on migration from SAP TSM to Workday on the security aspects. The candidate must be hands-on and possess the skills to configure and develop security notes, demonstrating an understanding of compliance and the thought process behind security decisions. As well, must have a foundational understanding of why certain data must be restricted from the general population

The Security Analyst is responsible for designing, maintaining, and optimizing security configurations within Workday to ensure data integrity, compliance, and secure user experience. This role partners closely with HR, IT, internal audit, and cross-functional business teams to support secure operations, troubleshoot access-related issues, and drive continuous improvements in Workday security. This position also plays a key role in maintaining SOX related access controls and supporting periodic audit reviews.

Security Design & Administration

• Develop, configure, and maintain Workday security roles, domain security policies, business process security, and user-based permissions.

• Strong understanding of Workday security concepts such as domain and business process security policies, role-based and user-based security, security groups (RBAC, intersection, constrained groups), and business process routing and approvals to guide security design and configuration.

• Manage security assignments across Worker, Position, and Job Profiles, ensuring alignment with business needs and least privilege principles.

• Administer security for new modules, features, or organizational changes.

Access Management & Support

• Troubleshoot access issues and provide timely support to end users, HR operations, and system administrators.

• Conduct periodic security audits and user access reviews to ensure compliance with internal policies and regulatory standards.

• Monitor and maintain security for EIB integrations and API access tokens as needed.

• Support SOX access control requirements through regular user access reviews, documentation, and audit support activities.

Integrations Security

• Manage Workday Integration Security, including the creation, configuration, and maintenance of Integration System Users (ISUs) and Integration System Security Groups (ISSGs) to support inbound and outbound integrations.

• Maintain governance standards by documenting ISU configurations, password/token rotation procedures, and integration security mappings.

• Support Workday releases by assessing impacts to integration security, updating ISUs/ISSGs as needed, and conducting end to end testing.

Compliance & Risk Management

• Partner with internal audit and compliance teams to support audits, testing, and certification activities.

• Maintain proper documentation for security configurations, controls, and change requests.

• Stay up to date on Workday releases and recommend security-related enhancements or adjustments.

Collaboration & Continuous Improvement

• Work with HR and IT partners to understand business needs and translate them into secure design solutions.

• Participate in Workday release testing, focusing on areas impacted by security changes.

• Develop training materials and provide guidance to functional teams on Workday security standards and best practices.

Preferred Experience

• Experience with Workday integrations (EIBs, APIs, enterprise interface roles) from a security perspective.

• Exposure to global mobility processes and cross-border employee movements.

• Experience working in multi-country environments, with awareness of data protection regulations (e.g., GDPR) and Works Council requirements.

• Report creation knowledge to support business processes and operational needs.

• Demonstrated experience in knowledge sharing, documentation, and training delivery.

• Knowledge of HR operations, compliance requirements, and HR data standards.

• Workday Core HCM certification is preferred but not required.