Senior Enterprise Security Engineer

<p>As a <strong>Senior Enterprise Security Engineer</strong>, you will be a foundational architect of Navan’s security posture, directly safeguarding our corporate infrastructure, sensitive financial data, and global user base. This is a highly <strong>hands-on, configuration-driven role</strong> that requires working directly with systems that power our security program in a modern, cloud-native environment. </p> <p>Your work will be critical in ensuring Navan becomes globally recognized for secure, unparalleled corporate travel and expense management.</p> <h3>What You’ll Do</h3> <ul> <li><strong>Threat Detection Automation</strong>: Architect and execute the end-to-end security pipeline, including developing advanced detection logic (TTPs), refining alerting in <strong>SIEM platforms</strong>, and building robust, efficient automation playbooks in <strong>SOAR</strong> to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).</li> <li><strong>Identity Governance Access Control:</strong> Define and enforce strong <strong>IAM principles</strong> (e.g., Least Privilege, Zero Trust) and contribute to identity governance platforms to ensure secure authentication, authorization, and access across the enterprise.</li> <li><strong>Email Security: </strong>Strengthen email security by managing alerts and workflows in platforms like <strong>Material Security</strong>, reviewing post-delivery threats, and improving automated response to suspicious messages and mailbox activity.</li> <li><strong>Cross-Functional Security Leadership:</strong> Proactively partner with Engineering, IT, and Compliance teams to <strong>embed security best practices </strong>early in the lifecycle and align security controls with business risk objectives.</li> <li><strong>Process Improvement:</strong> Participate actively in incident reviews, contribute to security process improvements, and work with external vendors to align system capabilities and security expectations.</li> </ul> <h3>What We’re Looking For</h3> <ul> <li><strong>5+ years of hands-on experience</strong> in information or enterprise security, preferably within a high-growth tech environment utilizing cloud infrastructure (AWS, Azure, GCP).</li> <li>You possess <strong>deep, up-to-date knowledge of modern attacker tactics, techniques, and procedures (TTPs)</strong> and excel at translating complex technical risk into clear business context for a range of stakeholders.</li> <li>Demonstrated expertise in <strong>developing detections, alerting logic, and monitoring improvements</strong> using SIEM platforms (e.g., Splunk, Sentinel, Elastic).</li> <li>Expert comfort interpreting endpoint telemetry and supporting investigations using <strong>EDR/XDR technologies</strong> (e.g., CrowdStrike, Defender).</li> <li>Proven ability to build and maintain automation through <strong>SOAR workflows</strong> (e.g., Phantom, Demisto, XSOAR) to improve investigation and response efficiency.</li> <li>Demonstrated expertise in <strong>Zero Trust principles</strong>, modern identity governance, and access management solutions (e.g., Okta, Ping, or Azure AD).</li> <li>Experience managing email security using platforms like <strong>Material Security</strong>, including reviewing post-delivery detections and analyzing mailbox activity.</li> <li>You collaborate effectively across teams, proactively take ownership of complex challenges, and contribute actively within a small, focused security team.</li> </ul>