Senior Enterprise Security Engineer

As a Senior Enterprise Security Engineer, you will be a foundational architect of Navan's security posture, directly safeguarding our corporate infrastructure, sensitive financial data, and global user base. This is a highly hands‑on, configuration‑driven role that requires working directly with systems that power our security program in a modern, cloud‑native environment.

Your work will be critical in ensuring Navan becomes globally recognized for secure, unparalleled corporate travel and expense management.

• Threat Detection & Automation: Architect and execute the end-to-end security pipeline, including developing advanced detection logic (TTPs), refining alerting in SIEM platforms, and building robust, efficient automation playbooks in SOAR to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
• Identity Governance & Access Control: Define and enforce strong IAM principles (e.g., Least Privilege, Zero Trust) and contribute to identity governance platforms to ensure secure authentication, authorization, and access across the enterprise.
• Email Security: Strengthen email security by managing alerts and workflows in platforms like Material Security, reviewing post‑delivery threats, and improving automated response to suspicious messages and mailbox activity.
• Cross‑Functional Security Leadership: Proactively partner with Engineering, IT, and Compliance teams to embed security best practices early in the lifecycle and align security controls with business risk objectives.
• Process Improvement: Participate actively in incident reviews, contribute to security process improvements, and work with external vendors to align system capabilities and security expectations.

• 5+ years of hands‑on experience in information or enterprise security, preferably within a high‑growth tech environment utilizing cloud infrastructure (AWS, Azure, GCP).
• You possess deep, up-to‑date knowledge of modern attacker tactics, techniques, and procedures (TTPs) and excel at translating complex technical risk into clear business context for a range of stakeholders.
• Demonstrated expertise in developing detections, alerting logic, and monitoring improvements using SIEM platforms (e.g., Splunk, Sentinel, Elastic).
• Expert comfort interpreting endpoint telemetry and supporting investigations using EDR/XDR technologies (e.g., CrowdStrike, Defender).
• Proven ability to build and maintain automation through SOAR workflows (e.g., Phantom, Demisto, XSOAR) to improve investigation and response efficiency.
• Demonstrated expertise in Zero Trust principles, modern identity governance, and access management solutions (e.g., Okta, Ping, or Azure AD).
• Experience managing email security using platforms like Material Security, including reviewing post‑delivery detections and analyzing mailbox activity.
• You collaborate effectively across teams, proactively take ownership of complex challenges, and contribute actively within a small, focused security team.