Staff Security Software Engineer

The Security Software Engineer will be responsible for securing Navan products by identifying unaddressed areas of weakness and driving cleverly engineered, scalable solutions that improve our defense-in-depth. You will be responsible for design and development of core services related to authentication, authorization, encryption within the product to enable a vast majority of use cases securely. Skills you will leverage in this role include the ability to break down prior technical implementations of product use cases, and the ability to deliver incremental security value through small meaningful code refactors.

Reporting to the Director of Security Engineering, you will contribute significantly to building and scaling the security of Navan products. This position requires both advanced technical skills, strong communication skills, and the ability to influence people. You will be responsible for ensuring the continuous security of Navan customer-facing products and internal tools. You will focus on driving and advising risk remediation based on research, and developing strong partnerships with engineering and product teams to accelerate the release of the software with security by design.

What You’ll Do:

• Research, design and implement security-oriented frameworks and features with the common goal of protecting Navan’ customers.
• Upgrade the security of the current Navan platform to cutting edge security solutions like Passkeys while balancing the needs of multiple customer personas and use cases. 
• Liaison between the engineering and security org to execute on the security roadmap.
• Lead security software development while building technical leverage and influencing the direction of architecture, design, and roadmap.
• Routinely participate in cross-vertical code reviews with an emphasis on Security.
• Break down complex problems into sub-tasks & iteratively contribute to the goal of the security initiatives using agile practices.
• Coach and mentor junior engineers in the team.

What We’re Looking For:

• 8+ years of experience as a software engineer with technical-leadership responsibilities
• Prior experience architecting, building, launching and maintaining complex systems
• Experience working in an Agile environment using technologies such as:
• Java Spring Framework (3+ years), Hibernate or similar ORM technologies, JavaScript/Typescipt, and React
• Containers (Docker, Kubernetes, or similar)
• Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar)
• Continuous integration (Github Actions or similar)
• Integration of Security testing tools into CI pipelines
• Defect tracking (Jira, ServiceNow, or similar)
• Source code management (GitLab, GitHub, or similar)
• Cloud environment (AWS, or similar
• Knowledge of modern authentication mechanisms like SAML, JWT, OIDC connect, Passkey.
• Knowledge of authorization frameworks for complex multi-tenant SaaS applications.
• Knowledge of cryptographic primitives.
• Knowledge of application security issues and tools. 
• Knowledge of compliance requirements for industry-standard certifications like PCI DSS, SOC2, HIPAA, and FedRAMP.
• Experience working in small teams and delivering outsized impact.

The posted pay range represents the anticipated low and high end of the compensation for this position and is subject to change based on business need. To determine a successful candidate’s starting pay, we carefully consider a variety of factors, including primary work location, an evaluation of the candidate’s skills and experience, market demands, and internal parity.

For roles with on-target-earnings (OTE), the pay range includes both base salary and target incentive compensation. Target incentive compensation for some roles may include a ramping draw period. Compensation is higher for those who exceed targets. Candidates may receive more information from the recruiter.