Corporate Security Engineer

About WorkOS 🚀 WorkOS builds tools and services for developers to help them implement authentication, identity, authorization, and overall enterprise readiness. We’re a fully distributed team with employees across North American time zones. We’re well-funded, having raised $100m in funding from top investors including Greenoaks Capital, Lachy Groom, and Lightspeed Ventures. Our fast-growing customer base includes rapidly growing SaaS companies like OpenAI, Cursor, Perplexity, Vercel, Plaid, and hundreds of others. About the Security Team The Security team at WorkOS is responsible for keeping our company and customer data safe. As a CorpSec Engineer, you’ll focus on the internal side of security—ensuring our people, devices, and systems are secure by default. We support a remote-first, fast-moving engineering organization and need strong, pragmatic security systems that scale with us. You’ll work to improve access controls, endpoint security, and tooling across the company. This role is a mix of hands-on execution and strategic thinking—perfect for someone who wants to shape how security works inside a modern startup. Who we’re looking for

Have experience with corporate security and endpoint management in a cloud-native, remote-friendly environment

Enjoy taking ownership of systems like Okta, MDM, and EDR and making them more reliable, secure, and easy to use

Can balance security best practices with the realities of usability and speed

Like designing scalable controls for access, identity, and device management

Are comfortable working independently and cross-functionally with IT, Infra, and GRC

Are curious, proactive, and enjoy simplifying complexity

What you'll be doing

Own and improve our identity and access management systems (Okta, Google Workspace, etc.)

Administer and secure our MDM and endpoint protection tools (e.g. Kandji, EDRs)

Partner with Infra to implement controls for least privilege, audit logging, and change management

Develop automations and tooling for onboarding/offboarding, access reviews, and audit prep

Proactively identify security risks and lead the rollout of mitigations

Help shape security policies and practices that work well for engineers, not against them

Work with vendors and evaluate new tools as needed

Document systems and decisions clearly to support scale and clarity

Requirements

Experience with identity, access, and endpoint security tools (e.g. Okta, MDM, EDR)

Familiarity with cloud-native IT/security operations and SaaS environments

Comfort working in a fast-paced, high-autonomy environment

A practical mindset and a bias for simplicity and security-by-default

Experience working at a startup or on a small security team

Familiarity with SOC 2, ISO 27001, or other compliance frameworks

Scripting or automation experience (e.g. Python, Bash, Terraform)