Security Specialist

At Workwize, we’re helping IT teams to easily equip their remote and global teams with all necessary IT equipment. Our automated SaaS platform simplifies hardware deployment, management, and retrieval with fast, reliable deliveries in 100+ countries.

With 50.000 users and 120.000 devices under management, we’re solving hybrid work challenges like laptop deliveries, returns and equipment tracking, allowing IT teams to focus less on manual hassles and more on strategic initiatives.

Join our team to help shape the future of global collaboration. At Workwize, your work will make a real impact in building smarter, more connected workplaces worldwide.

LinkedIn has also recognized Workwize as one of the Top 10 Startups for 2025 in the Netherlands!

About the Role

Own it. Improve it. Raise the bar.

At Workwize, security is not a checkbox. It’s operational discipline. As we scale with larger customers and more complex infrastructure, we need someone who doesn’t just maintain compliance but actively reduces real risk.

As our Security Specialist, you own and execute our security program end-to-end. You don’t write policies for the sake of it. You make sure controls actually work. You constantly ask: are we doing this at the highest level? What can be tighter? What can be automated? What can be improved?

This is a hands-on role for someone with experience who thrives in a fast-moving SaaS environment and knows how to combine ISO/SOC discipline with practical execution.

What you’ll do?

- You own the operational side of our security program across engineering, IT, and business.

• Continuously improve our security posture across product and internal systems
• Keep policies, controls, and risk registers alive and relevant
• Identify gaps and close them
• Run periodic security checks: access reviews, vendor reviews, incident simulations
• Make sure security controls are not just documented but actually working

- Own and elevate ISO27001 & SOC2:

• Own audit readiness and evidence collection
• Improve control effectiveness year over year
• Coordinate engineering, IT, ops, and legal during audits
• Respond to enterprise security reviews and questionnaires
• Own third-party risk management and vendor security reviews

- Strengthen application & cloud security

- You work closely with Engineering and Platform to:

• Embed secure SDLC practices
• Run security reviews for key changes
• Drive threat modeling for new features
• Own vulnerability management (triage, SLAs, verification)
• Improve AppSec tooling (SAST, DAST, dependency scanning, secret scanning)
• Strengthen IAM, logging, monitoring, key management, and cloud baselines

- You will be the security anchor in the company. Meaning you will:

• Act as the go-to person for security questions
• Train teams in practical, lightweight best practices
• Communicate clearly and directly with engineers and leadership
• Stay calm and structured during incidents or urgent customer escalations

What we’re looking for

Soft skills

• You can assess technical risk and turn it into prioritized, practical improvements. You focus on impact and execution, not theory.
• You are reliable, autonomous and able to collaborate smoothly with engineering and leadership.
• You communicate directly and to the point. You’re comfortable going deep technically when needed, but you always translate risk into clear actions.

You bring

• 5+ years in security roles (Security Engineer, Security Specialist, GRC + technical, AppSec, etc.
• Proven experience owning a security program and strong background in ISO27001 and SOC2 (Type II)
• Experienced supporting enterprise customers during procurement and security reviews, ideally also in a startup, scale-up, or fast-moving SaaS environment

Technical capability

- We expect strong fundamentals in:

• IAM and least privilege
• Network and cloud security
• Encryption and secrets management
• Logging, monitoring, alerting
• Vulnerability management workflows
• OWASP Top 10 and secure development practices

- Hands-on experience with:

• Cloud security (AWS/GCP/Azure)
• SAST/DAST and dependency scanning
• Vendor risk management
• Audit cycles and evidence management
• SIEM or lightweight logging solutions

If you’re someone who enjoys building security that actually works in a growing SaaS company, and you care about raising the level every quarter, we’d like to talk.

Workwize offers:

• A competitive salary and paid by workwize scheme while working in a fast-growing, and dynamic environment.
• Flexibility to work in a hybrid/remote environment, balancing office and home settings.
• The best working setup, with all necessary tools and equipment provided.
• A vibrant, entrepreneurial work environment that encourages innovation and growth.
• A free classpass corporate membership

Our Team

Becoming part of Workwize means making an impact. We make sure that we will contribute to the change in the way of working. For us it is also important that we make an impact on our employees, that they feel challenged and ease. We consist of a rapid growing and ambitious team with all different backgrounds. Entrepreneurs, Operational specialists, Developers, Sales gurus you can find them all at Workwize and are always on the look-out for the next original ideas to reach more consumers and create the best value for our customers.

We are looking forward to meeting you and discover if there is a match with the Workwize team!