Workday Security Specialist

Staff - Non Union

Job Category
M&P - AAPS

Job Profile
AAPS Salaried - Information Systems and Technology, Level D

Job Title
Workday Security Specialist

Department
Delivery | Application Sustainment | Integrated Service Centre | Finance and Operational Excellence | VP Finance and Operations

Compensation Range
$8,063.17 - $12,575.08 CAD Monthly

The Compensation Range is the span between the minimum and maximum base salary for a position. The midpoint of the range is approximately halfway between the minimum and the maximum and represents an employee that possesses full job knowledge, qualifications and experience for the position. In the normal course, employees will be hired, transferred or promoted between the minimum and midpoint of the salary range for a job.

Posting End Date
January 19, 2024

Note: Applications will be accepted until 11:59 PM on the day prior to the Posting End Date above.

Job End Date

Oct 15, 2024

At UBC, we believe that attracting and sustaining a diverse workforce is key to the successful pursuit of excellence in research, innovation, and learning for all faculty, staff and students. Our commitment to employment equity helps achieve inclusion and fairness, brings rich diversity to UBC as a workplace, and creates the necessary conditions for a rewarding career. 

Job Summary
The University of British Columbia ("UBC") is a global centre for teaching, learning and research, consistently ranked among the top 20 public universities in the world and recently recognized as North America's most international university. UBC is a diverse environment, with almost every industry vertical represented from healthcare, education, food and beverage, legal, media, real estate, etc. and with more than 70,000 members of the community UBC's service providers need to be able to meet a variety of stakeholder needs with both robust and mature operational capabilities combined with the agility and innovation required to meet the ambitious objectives laid out in its new Strategic Plan: Shaping UBC's Next Century.
The Integrated Service Centre ("ISC") is a newly formed unit within UBC that will align practices and processes from Human Resource, Financial Operations, Comptroller's Office, Student Services, and Information Technology.   In supporting UBC's transition to an enterprise Workday Enterprise Resource Planning ("ERP") Cloud-based system, the ISC will provide a single, integrated service that will initially include Financial and Human Capital management services and later expand to include Student and Enterprise Planning.  The ISC will seek to continuously improve and adapt to future needs and requirements of UBC while providing a simple, intuitive, consistent user experience for UBC students, staff, faculty, and community partners.
The Security Specialist is responsible for managing, overseeing and provisioning access for the ISC product, this includes assessing access and security requirements in reference to specific requests and employing client service skills to determine provisions, or alternate options to meet the business needs.  The Incumbent translates access requirements into specifications and implements security standards in alignment with the UBC Chief Information Security Office ("CISO").
Organizational Status
The Security Specialist reports to the Delivery Manager and works closely with application teams, systems and network architecture teams, project managers, and managers of functional areas within the greater Administrative Systems portfolio, as well as with cross functional teams and individuals from across UBC, and external stakeholders and vendors.
Work Performed

1. Leads and manages Security & Access Management within ISC:
- Provides strategic security and access administration oversight, expertise, and support for the ISC' the Incumbent will create and maintain governance documentation and education as it pertains to access provisioning and security standards.
- Acts as a champion of the Workday User Access framework and facilitates access approval in the request/change process including assessment of impacts and coordinating with groups for approval and to expedite.
- Executes the administration of Workday security changes ensuring controls are applied for auditing and reporting.
- Manages security and access protocols in tenant environment, in preparation of build, refresh, and promotion to production.
- Analyzes security implications for new functional features included in bi-annual releases and general UBC enhancements; provides recommendations and risk mitigation reports for senior leadership.
- Proactively monitors security logs and reports, leads security audits, and responds to privacy and access security events/incidents;
2. Security Access Assessment & Management
- Works with governance groups including HR/FIN/Student Functions, IEC, EDBI, AEP, Cybersecurity and Risk Management on Workday security requirements (implementation and operations), providing subject matter expertise to implementation reviews/approvals.
- In support of day to day access and operations, partners with various teams, working groups, and committees on a regular basis, including: CAB (Change Advisory Board), Functional Analysts in defining security monitoring and reporting, security access working group, IAM/Cybersecurity team on other security access outside of the Workday application such as network, desktop, etc.
- Acts as the Tier 2 contact in ISC for access incidents and security related inquiries and as a liaison between Workday and Cybersecurity during critical incident response.
- Regularly reviews SOC reports from Workday and all regular security advisory published by Workday.

3. Leads Security Access Planning and Design
- Represent the ISC as part of the enterprise Data Security & Roles Committee chaired by the UBC Chief Data Officer and Director, Risk Services.
- Manages Privacy and Information Security Management (PrISM)-SRS risks and controls around access and third-party access control procedures; conducts security access validation and testing; executes on security access impact assessment for new releases, enhancements and other projects.
- Partners with PrISM and IAM teams to review enhancement opportunities for security controls and improvements; maturing the capability
- Facilitates regular recertification reviews of security roles with functional groups. Applies change control process to make applicable changes.
- Provides input to Privacy and information security training for ISC Executes on access management and security needs for the application over its lifecycle.
- Assesses and establishes approved user access requests; responsible for role creation and assignment; manages and administers product security, ensuring appropriate user access, based on approved security guidelines.
- Manages the ISC product employee and affiliate account lifecycle, privilege account management/lifecycle, HCM/FIN security access matrix maintenance, functional and non-functional interface/report account management, and non-functional interface/report support account management.
- Develops and updates product access best practices, standards, procedures and quality objectives with a focus on continuous improvement within the ISC.

4. Partners with relevant stakeholders across UBC around security and access including ISC, Workday, IEC, EDG/Reporting, Cybersecurity, PrISM SRS, and AEP groups; chairs/facilitates security access working groups with respective stakeholders across UBC.
Engages with vendor when required for technical support/other as required.
5. Solicits feedback fostering an agile, innovative, and collaborative transformation experience.
Partners with relevant stakeholders to resolve issues related to engagement, adoption, sustainment, and continuous improvement.
6. Performs other related duties as required.

Consequence of Error/Judgement
UBC IT plays a key role in enabling the University to achieve its goal of becoming one of the world's leading universities. The ERP systems support the University's teaching, research, and administrative work. Decisions and actions taken by the Systems Specialist will have a major impact on these systems.
Errors in judgment, decisions, and actions could negatively impact the ERP systems, and consequently affect the reputation of the University and could cause loss of productivity and revenue.
Supervision Received
Works under the general direction of the Delivery Manager with assigned areas of responsibility as described above.
Supervision Given
Functional supervision of technical consultants in project implementation. Functional supervision of internal staff in the use of systems and application tools.
Minimum Qualifications
Undergraduate degree in a relevant discipline. In-depth knowledge of applications and the business requirements supporting them. Minimum of five years of related experience, or the equivalent combination of education and experience.
- Willingness to respect diverse perspectives, including perspectives in conflict with one’s own

- Demonstrates a commitment to enhancing one’s own awareness, knowledge, and skills related to equity, diversity, and inclusion

Preferred Qualifications

5 years of systems administration experience in a large enterprise environment.
Experience in one or more of the following middleware technologies: PeopleSoft, PeopleTools, Hyperion, OBIEE, ImageNow.
Experience in managing and supporting Linux and Windows servers.
Experience with Enterprise Application Integration - single sign-on, self-service, LDAP, application messaging, web services.
In-depth knowledge of network protocol, firewalls, load balancers, Internet services.
Experience with PeopleSoft Enterprise Portal and PeopleCode is an asset.
Experience in one of more of the following technologies is an asset: WebLogic, Apache, Tomcat, ColdFusion, PHP, PERL, Java, SQL. Web application development experience is an asset. Excellent technical writing and documentation skills; including requirements gathering, concise, and understandable technical documentation. Collaboration - Actively solicits ideas and opinions from others to efficiently and effectively accomplish specific objectives targeted at defined business outcomes. Openly encourages other team members to voice their ideas and concerns. Shows respect for differences and diversity, and disagrees without personalizing issues. Utilizes strengths of team members to achieve optimal performance.
Communication for Results - Conducts discussions with and writes memoranda to all levels of colleagues and peer groups in ways that support troubleshooting and problem solving. Seeks and shares relevant information, opinions, and judgments. Handles conflict empathetically. Explains the context of interrelated situations, asks probing questions, and solicits multiple sources of advice prior to taking action when appropriate.
Problem Solving - Applies problem-solving methodologies and tools to diagnose and solve operational and interpersonal problems. Determines the potential causes of the problem and devises testing methodologies for validation. Shows empathy and objectivity toward individuals involved in the issue. Analyzes multiple alternatives, risks, and benefits for a range of potential solutions. Recommends resource requirements and collaborates with impacted stakeholders.
Accountability - Sets objectives that meet organizational needs. Provides recommendations to individuals and teams on ways to improve performance and meet defined objectives. Monitors and provides feedback on individual and team performance against defined standards.
Information Systems Knowledge - Resolves escalated problems of technical support. Identifies root causes. Sets up and integrates new and enhanced information systems. Identifies customer needs and determines the appropriate approach to apply and ensure resolution. Solicits the input of appropriate technical experts and managers as required.
Initiative - Seeks out new challenges that require risk taking. Determines the resources, team support, and technical needs necessary to enable success and procures them. Keeps responding to the challenge in spite of obstacles and setbacks.