Your work days are brighter here.
At Workday, it all began with a conversation over breakfast. When our founders met at a sunny California diner, they came up with an idea to revolutionize the enterprise software market. And when we began to rise, one thing that really set us apart was our culture. A culture which was driven by our value of putting our people first. And ever since, the happiness, development, and contribution of every Workmate is central to who we are. Our Workmates believe a healthy employee-centric, collaborative culture is the essential mix of ingredients for success in business. That’s why we look after our people, communities and the planet while still being profitable. Feel encouraged to shine, however that manifests: you don’t need to hide who you are. You can feel the energy and the passion, it's what makes us unique. Inspired to make a brighter work day for all and transform with us to the next stage of our growth journey? Bring your brightest version of you and have a brighter work day here.
At Workday, we value our candidates’ privacy and data security. Workday will never ask candidates to apply to jobs through websites that are not Workday Careers.
Please be aware of sites that may ask for you to input your data in connection with a job posting that appears to be from Workday but is not.
In addition, Workday will never ask candidates to pay a recruiting fee, or pay for consulting or coaching services, in order to apply for a job at Workday.
About the Team
The Evisort Security team is expanding and looking for a DevSecOps engineer to join our AI Security team.
We’re a hands-on security engineering team focused on enabling secure development across the stack. From supporting developers with bug bounty triage to securing our AI agent infrastructure, we embed security into every phase of the SDLC. Our work spans cloud security, application security, CI/CD hardening, runtime security, and ensuring alignment with compliance frameworks like SOC 2 and ISO 27001. We partner closely with engineering to drive practical, scalable security solutions that support rapid innovation. As a DevSecOps engineer, you will work closely with DevOps, Security, and Development teams to ensure security is baked into our systems.
About the Role
What will you be doing?
Integrate security at every stage of the software development lifecycle (SDLC) and deployment pipelines.
Partner with engineering and platform teams to implement security-by-design and shift-left security practices.
Drive the implementation and monitoring of Identity and Access Management (IAM) controls, with a focus on Okta integrations and best practices.
Build, deploy, and manage security tools and services. Design and implement scalable processes across Evisort’s cloud services and infrastructure environments.
Lead and manage the end-to-end vulnerability management lifecycle, including discovery, assessment, prioritization, remediation, and reporting.
Establish and maintain secure infrastructure and configurations using infrastructure as code.
Build and manage CI/CD pipelines and constantly improve their reliability & speed, and reduce lead time for changes.
About You
Basic Qualifications
5+ years of experience in security operations, vulnerability management, threat detection, or DevOps focused on security.
3+ years of proven experience in implementing DevSecOps practices.
3+ years of experience with cloud platforms (e.g., AWS, Azure, GCP) and containerization technologies (e.g., Docker, Kubernetes).
3+ years knowledge of scripting and programming languages (e.g., Python, Bash).
1+ years familiarity with infrastructure as code (IaC) tools (e.g., Terraform, Cloudformation, Ansible).
Other Qualifications
Familiarity with AI security concepts.
Familiarity with SOC2, ISO27001, ISO 27701 and ISO 42001.
Strong understanding of platform, application, and cloud security fundamentals.
Automating deployment, scaling, and management of containerized applications with Docker or Kubernetes.
Experience with CI/CD tools (e.g., Github Actions).
Experience with bug bounty programs.
Proficiency in security tools (e.g., Snyk, Semgrep, Contrast, Wiz).
Deep understanding of network and application security threats, attack techniques, and mitigation options.
Experience managing vulnerability scans and effectively prioritizing actions for system owners.
Experience deploying, monitoring, and managing systems in the AWS.
Security centric in all approaches to design in infrastructure as code, as well as Docker build pipelines and microservice deployments.
Experience building and maintaining security investigation and/or response tools.
Able to work independently and coordinate activities across multiple teams.
Ability to drive multiple projects and priorities while managing operational responsibilities.
Excellent written and verbal communication skills, building positive relationships with partner organizations.
BS or MS degree in Computer Science, Engineering, or equivalent job experience.
Workday Pay Transparency Statement
The annualized base salary ranges for the primary location and any additional locations are listed below. Workday pay ranges vary based on work location. As a part of the total compensation package, this role may be eligible for the Workday Bonus Plan or a role-specific commission/bonus, as well as annual refresh stock grants. Recruiters can share more detail during the hiring process. Each candidate’s compensation offer will be based on multiple factors including, but not limited to, geography, experience, skills, job duties, and business need, among other things. For more information regarding Workday’s comprehensive benefits, please click here.
Primary Location: CAN.ON.TorontoPrimary CAN Base Pay Range: $100,000 - $150,000 CADAdditional CAN Location(s) Base Pay Range: $100,000 - $150,000 CAD
Our Approach to Flexible Work
With Flex Work, we’re combining the best of both worlds: in-person time and remote. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. We know that flexibility can take shape in many ways, so rather than a number of required days in-office each week, we simply spend at least half (50%) of our time each quarter in the office or in the field with our customers, prospects, and partners (depending on role). This means you'll have the freedom to create a flexible schedule that caters to your business, team, and personal needs, while being intentional to make the most of time spent together. Those in our remote "home office" roles also have the opportunity to come together in our offices for important moments that matter.
Pursuant to applicable Fair Chance law, Workday will consider for employment qualified applicants with arrest and conviction records.
Workday is an Equal Opportunity Employer including individuals with disabilities and protected veterans.
Are you being referred to one of our roles? If so, ask your connection at Workday about our Employee Referral process!
