Is there something like seccomp that works on Windows?
It should limit all syscalls to some very limited set, like only reading and writing to already opened files.
The one described as sandbox for Chromium does not look like Seccomp, as it is based on usual file permissions and Windows security objects, not on limiting access to syscalls.
No, there is nothing like seccomp that works on Windows. The closest there is are traditional permissions which disable certain privileged syscalls. But currently, there is no way to whitelist or blacklist entire arbitrary syscalls, or syscall arguments on Windows.