System Owner-Boundary Compliance Owner - US Federal

About the role

The Workday Cybersecurity Governance, Risk, Compliance & Trust (cGRCT) team enables business agility while maintaining a strong security posture via intelligent The Workday's National Security Group (NSG) is responsible for all aspects of cybersecurity and compliance for Workday's US Department of Defense and Intelligence Community customer regions. The NSG Governance, Risk, Compliance (GRC) Team enables business agility while maintaining a strong security posture via intelligent risk-taking, optimized controls management, and iterative security governance. The NSG GRC team's mission is to enable and maintain Workday's National Security offerings through certification, continuous monitoring, consultation and deep stakeholder alignment. We act as a trusted advisor across Workday to help maintain and enhance our customer's trust. This role will support one or more direct or indirect contracts with the U.S. Federal Government which, due to federal government security requirements, mandates that all Workday personnel working on the contracts be United States citizens (naturalized or native). As the system owner for our federal information system, you will be responsible for the lifecycle of our information systems. This is a high-impact role that will provide cross-functional ownership, stewardship, and focus for our compliance boundaries (e.g., Fedramp Moderate, IL4, Top Secret). While individual teams will focus on their respective functions (Security Operations, GRC, Engineering) this role will span all teams and boundaries and act as a focal point for the Federal business. The boundary's scope is wide-ranging, covering security, system health, compliance risks, cost/unit economics, incident/on-call trends, and future roadmaps (e.g., AI/ML capabilities or SKUs). To effectively address these complex issues, the System Owner must engage and coordinate the appropriate cross-functional experts from Security, Engineering, Product, Finance, and GRC. You will own the long-term trajectory, risk posture, and architectural runway of your assigned boundary, ensuring it is secure, efficient, and ready for future demands.