Security Specialist

At Workwize, we’re helping IT teams to easily equip their remote and global teams with all necessary IT equipment. Our automated SaaS platform simplifies hardware deployment, management, and retrieval with fast, reliable deliveries in 100+ countries.

With 50.000 users and 120.000 devices under management, we’re solving hybrid work challenges like laptop deliveries, returns and equipment tracking, allowing IT teams to focus less on manual hassles and more on strategic initiatives.

Join our team to help shape the future of global collaboration. At Workwize, your work will make a real impact in building smarter, more connected workplaces worldwide.

LinkedIn has also recognized Workwize as one of the Top 10 Startups for 2025 in the Netherlands!

• Continuously improve our security posture across product and internal systems.
• Keep policies, controls, and risk registers alive and relevant.
• Identify gaps and close them.
• Run periodic security checks: access reviews, vendor reviews, incident simulations.
• Make sure security controls are not just documented but actually working. 

Own and elevate ISO27001 & SOC2: 

• Own audit readiness and evidence collection.
• Improve control effectiveness year over year.
• Coordinate engineering, IT, ops, and legal during audits.
• Respond to enterprise security reviews and questionnaires.
• Own third-party risk management and vendor security reviews.

You work closely with Engineering and Platform to:

• Strengthen application & cloud security.
• Embed secure SDLC practices.
• Run security reviews for key changes.
• Drive threat modeling for new features.
• Own vulnerability management (triage, SLAs, verification).
• Improve AppSec tooling (SAST, DAST, dependency scanning, secret scanning).
• Strengthen IAM, logging, monitoring, key management, and cloud baselines.

Be our security anchor: 

• Act as the go-to person for security questions.
• Train teams in practical, lightweight best practices.
• Communicate clearly and directly with engineers and leadership.
• Stay calm and structured during incidents or urgent customer escalations.

• 5+ years in security roles (Security Engineer, Security Specialist, GRC + technical, AppSec, etc.
• Proven experience owning a security program and strong background in ISO27001 and SOC2 (Type II)
• Experienced supporting enterprise customers during procurement and security reviews, ideally also in a startup, scale-up, or fast-moving SaaS environment
• You can assess technical risk and turn it into prioritized, practical improvements. You focus on impact and execution, not theory.
• You are reliable, autonomous and able to collaborate smoothly with engineering and leadership.
• You communicate directly and to the point. You’re comfortable going deep technically when needed, but you always translate risk into clear actions.
• Strong fundamental technical skills in: 
  • IAM and least privilege
  • Network and cloud security
  • Encryption and secrets management
  • Logging, monitoring, alerting
  • Vulnerability management workflows
  • OWASP Top 10 and secure development practices
• Hands-on experience with: 
  • Cloud security (AWS/GCP/Azure)
  • SAST/DAST and dependency scanning
  • Vendor risk management
  • Audit cycles and evidence management
  • SIEM or lightweight logging solutions

Our Team  

Becoming part of Workwize means making an impact. We make sure that we will contribute to the change in the way of working. For us it is also important that we make an impact on our employees, that they feel challenged and ease. We consist of a rapid growing and ambitious team with all different backgrounds. Entrepreneurs, Operational specialists, Developers, Sales gurus you can find them all at Workwize and are always on the look-out for the next original ideas to reach more consumers and create the best value for our customers.  

We are looking forward to meeting you and discover if there is a match with the Workwize team!