Staff Software Engineer - Security

Staff Software Engineer – Security

8+ years of experience as a software engineer with technical-leadership responsibilities
Prior experience architecting, building, launching and maintaining complex systems
Experience working in an Agile environment using technologies such as: Java Spring Framework (3+ years), Hibernate or similar ORM technologies, JavaScript/Typescript, and React
Containers (Docker, Kubernetes, or similar)
Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar)
Continuous integration (Github Actions or similar)
Integration of Security testing tools into CI pipelines
Defect tracking (Jira, ServiceNow, or similar)
Source code management (GitLab, GitHub, or similar)
Cloud environment (AWS, or similar)

Research, design and implement security-oriented frameworks and features with the common goal of protecting Navan’ customers.
Upgrade the security of the current Navan platform to cutting edge security solutions like Passkeys while balancing the needs of multiple customer personas and use cases.
Liaison between the engineering and security org to execute on the security roadmap.
Lead security software development while building technical leverage and influencing the direction of architecture, design, and roadmap.
Routinely participate in cross-vertical code reviews with an emphasis on Security.
Break down complex problems into sub-tasks & iteratively contribute to the goal of the security initiatives using agile practices.
Coach and mentor junior engineers in the team.

Knowledge of modern authentication mechanisms like SAML, JWT, OIDC connect, Passkey.
Knowledge of authorization frameworks for complex multi-tenant SaaS applications.
Knowledge of cryptographic primitives.
Knowledge of application security issues and tools.
Knowledge of compliance requirements for industry-standard certifications like PCI DSS, SOC2, HIPAA, and FedRAMP.
Experience working in small teams and delivering outsized impact.