About the Role The Senior Manager, InfraSec Innovation (Engineering) leads the team that turns our infrastructure security strategy into shipped, operable controls for Workday's private and public cloud.
You'll partner with the InfraSec Product Owner on what to build and own how it gets built—coaching engineers, setting standards, and delivering secure-by-default "paved roads" that scale across regions and services.
Success looks like predictable delivery, strong SLOs, clean audit evidence, and guardrails that make the secure path the easiest path.
Responsibilities: Lead, coach, and grow a high-performing security engineering team; drive hiring, career development, and performance.
Own the delivery lifecycle for security controls (design ? build ? ship ? operationalize ? evidence) across cloud, platform, and container/K8s layers.
Serve as Agile Leader: plan increments/sprints, manage capacity, remove blockers, and ensure Definition of Ready/Done.
Build secure-by-default "paved roads" (modules, APIs, policy-as-code) that simplify adoption for platform and product teams.
Engineer for operability with InfraSec Reliability (Ops): define SLOs, on-call readiness, runbooks, dashboards, and incident playbooks.
Partner with Product Owner, Platform and Service Owners, Cybersecurity, Networking, Identity, and Compliance to prioritize highest-value outcomes and close risk.
Advance automation and quality: IaC, CI/CD, policy-as-code, telemetry/observability, and data pipelines for better signal fidelity.
Steward platforms and integrations (e.g., CNAPP/CSPM, KMS/PKI, EDR, runtime protections) including upgrades and migrations with minimal impact.
Establish reference architectures, golden patterns, and secure defaults; enforce standards through code and reviews.
Measure what matters: delivery predictability, control SLO attainment, detection coverage/quality, change failure rate, MTTM/MTTR.
About You You're an engineering-first security leader who turns strategy into shipped, operable controls.
You've built teams, paved roads, and scalable guardrails for private and public clouds (AWS, GCP, Azure) and Kubernetes platforms and you measure success with SLOs, clean audit evidence, and predictable delivery.
You're as comfortable coaching engineers and removing blockers as you are diving into Terraform, policy-as-code, or a CI/CD pipeline to keep outcomes moving.
Basic Qualifications 10+ years in cybersecurity/platform engineering with 4+ years leading engineers/tech leads; 2+ years managing other managers.
Proven track record designing, building, and operating cloud security controls at enterprise scale (AWS/Azure/GCP) and Kubernetes.
Hands-on with IaC and automation (e.g., Terraform), policy-as-code (e.g., OPA), CI/CD, and at least one language (Python or similar).
Bachelor's degree in CS, Cybersecurity, or related field; Master's or equivalent practical experience preferred.
Other Qualifications Experience leading teams that build secure-by-default "paved roads" (modules, APIs, guardrails) adopted by platform/product teams.
Depth in one or more: identity "evidence as you go" practices for audits.
Excellent communication and influence—able to align senior leadership and cross-functional teams around clear, measurable goals.
Budget/resource stewardship and an eye for continuous improvement: throughput, change failure rate, MTTM/MTTR, and signal quality.