Corporate Security Engineer

Job description

About WorkOS 🚀

WorkOS builds tools and services for developers to help them implement authentication, identity, authorization, and overall enterprise readiness. We’re a fully distributed team with employees across North American time zones. We’re well-funded, having raised an $80M Series B. Our fast-growing customer base includes hundreds of rapidly growing SaaS companies like OpenAI, Vercel, Perplexity and Cursor.

About the Security Team

The Security team at WorkOS is responsible for keeping our company and customer data safe. As a CorpSec Engineer, you’ll focus on the internal side of security—ensuring our people, devices, and systems are secure by default. We support a remote-first, fast-moving engineering organization and need strong, pragmatic security systems that scale with us.

You’ll work to improve access controls, endpoint security, and tooling across the company. This role is a mix of hands-on execution and strategic thinking—perfect for someone who wants to shape how security works inside a modern startup.

Who we’re looking for

• Have experience with corporate security and endpoint management in a cloud-native, remote-friendly environment
• Enjoy taking ownership of systems like Okta, MDM, and EDR and making them more reliable, secure, and easy to use
• Can balance security best practices with the realities of usability and speed
• Like designing scalable controls for access, identity, and device management
• Are comfortable working independently and cross-functionally with IT, Infra, and GRC
• Are curious, proactive, and enjoy simplifying complexity

What you’ll be doing

• Own and improve our identity and access management systems (Okta, Google Workspace, etc.)
• Administer and secure our MDM and endpoint protection tools (e.g. Kandji, EDRs)
• Partner with Infra to implement controls for least privilege, audit logging, and change management
• Develop automations and tooling for onboarding/offboarding, access reviews, and audit prep
• Proactively identify security risks and lead the rollout of mitigations
• Help shape security policies and practices that work well for engineers, not against them
• Work with vendors and evaluate new tools as needed
• Document systems and decisions clearly to support scale and clarity

Requirements

• Experience with identity, access, and endpoint security tools (e.g. Okta, MDM, EDR)
• Familiarity with cloud-native IT/security operations and SaaS environments
• Comfort working in a fast-paced, high-autonomy environment
• A practical mindset and a bias for simplicity and security-by-default

Nice to have

• Experience working at a startup or on a small security team
• Familiarity with SOC 2, ISO 27001, or other compliance frameworks
• Scripting or automation experience (e.g. Python, Bash, Terraform)

The annual US base salary falls within the range of $175,000 to $250,000. This range does not encompass the full spectrum of benefits such as equity, health insurance, vacation time, and paid parental leave. This salary range covers multiple levels of engineering roles and final compensation will be determined considering various factors, including experience, skills, and qualifications.

Benefits (US Only) 💖

At WorkOS, we offer resources that emphasize personal and familial well-being. We offer healthcare coverage for you and your family, including medical, dental, and vision. We offer parental leave, paid-time off and fully remote working arrangements.

Benefits include:

- Competitive pay

- Substantial equity grants

- Healthcare insurance (Medical, Dental and Vision) for you and your family

- 401k matching

- Wellness and fitness monthly allowances

- PTO + paid holidays + unlimited sick leave

- Autonomy and flexibility with remote work

Please inquire directly with our recruiting team for benefits available to those working outside the US.

Equal Opportunity Employer

WorkOS is an equal opportunity employer, committed to diversity and inclusiveness. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.