Sr. Cloud Security Engineer

We are seeking a highly skilled Sr. Cloud Security Engineer to join our Security Operations and Engineering team. In this role, you will be a key player in designing, implementing, and maintaining a robust security posture across our multi-cloud environment.

While your primary expertise should lie in Google Cloud Platform (GCP) or Microsoft Azure, you will also leverage your experience in Amazon Web Services (AWS) to ensure consistent security standards across our entire infrastructure. You will be instrumental in automating security controls, conducting deep-dive architectural reviews, and managing our Cloud Security Posture Management (CSPM) lifecycle.

What You'll Do

• Cloud Security Architecture & Design: Lead and participate in security reviews for new product features and infrastructure changes. Provide actionable recommendations to engineering teams to ensure "secure by design" principles.
• Posture Management (CSPM): Own the end-to-end CSPM process. This includes configuring tools, monitoring for misconfigurations, prioritising risks, and working with stakeholders to remediate security gaps across GCP, Azure, and AWS.
• Security Automation: Utilise basic programming and scripting skills (e.g., Python, Go, or Bash) to automate repetitive security tasks, incident response playbooks, and compliance checks.
• Infrastructure as Code (IaC) Security: Integrate security scanning into CI/CD pipelines (Terraform, Pulumi, or Bicep) to catch vulnerabilities before they reach production and also write IaC code for security related infrastructure.
• Identity & Access Management (IAM): Design and enforce least-privilege access models across multi-cloud environments, managing service accounts, roles, and identity federation.
• Incident Response Support: Act as a subject matter expert during cloud-related security incidents, providing technical analysis and forensic support.

What We're Looking For

• Deep Cloud Expertise: 5+ years of experience in cloud security, with extensive, hands-on experience in either GCP (Security Command Center, IAM, VPC Service Controls) or Azure (Microsoft Defender for Cloud, Azure Policy, Sentinel).
• Multi-Cloud Proficiency: Strong working knowledge of AWS security services (GuardDuty, IAM, Security Hub, Config).
• CSPM Experience: Proven track record of managing Cloud Security Posture Management tools (e.g., Wiz, Orca, Prisma Cloud, or native cloud tools) to reduce the attack surface.
• Programming Skills: Ability to write scripts or small applications in Python, Go, or PowerShell to interact with Cloud APIs, automate workflows, and maintain security related IaC code.
• Security Reviews: Experience performing threat modelling and security architecture reviews for complex, distributed systems.
• Relevant certifications such as Google Professional Cloud Security Engineer, Microsoft Certified: Azure Security Engineer Associate (AZ-500), or AWS Certified Security – Specialty would be a great plus.
• Experience with container security (Kubernetes/GKE/AKS/EKS).
• Familiarity with compliance frameworks such as PCI DSS, SOC2, ISO 27001, or NIST.
• Excellent communication skills with the ability to translate complex security risks into business context for non-technical stakeholders.

About Navan

Navan (Nasdaq: NAVN) is the leading all-in-one business travel, payments, and expense management platform that makes travel easy for frequent travellers. From finding flights and hotels to automating expense reconciliation, with 24/7 support along the way, Navan delivers an intuitive experience travellers love and finance teams rely on.

Our team is our competitive edge — a high-performance group of smart, driven people committed to winning together. This dedication to excellence is why we’ve been recognised as a Best Place to Work by Built In (2023–2026), a CNBC Disruptor 50 (2022-2025), and a Forbes Fintech 50 (2022-2025).

At Navan, we provide an environment where top talent excels, offering the autonomy and fast-paced trajectory needed to build a defining career and do the best work of your life.

Navan offers a comprehensive benefits program designed to support your well-being, financial security, and life outside of work. Our benefits, thoughtfully tailored by country to meet local needs, include healthcare coverage, insurance offerings, and wellness resources for you and your family.

We support long-term financial growth through retirement savings programs and opportunities to participate in our equity plans, so you can share in Navan’s success. To promote balance, we offer flexible time off, country-specific holidays, and paid parental leave for all new parents. Additional benefits include connectivity and commuting support, mental health resources, and exclusive travel-related perks. Wherever you’re based, our benefits evolve with you.

Workplace Policy

Navan believes in the value of in-person connections, whether that’s sitting down to have lunch with one another, taking a walking 1:1, or collaborating in a room together. The connections forged through face-to-face interactions improve company culture and drive business results. Navan invests in global office spaces — in the U.S., Europe, and Asia, among others — that feel welcoming. In-office perks such as company-provided lunches and happy hours create a strong team environment to help you do your best work. Our employees work from the office four days a week. Please expect this policy for all roles that are tied to an office.

Navan is an equal opportunity employer. We make all employment decisions based solely on merit. We provide equal employment opportunity to all applicants and employees without discrimination on the bases of race, religion, colour, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We prohibit any such discrimination or harassment. This policy applies to all terms and conditions of employment, including hiring.

Accommodations

Navan complies with the Americans with Disabilities Act (ADA), as amended by the ADA Amendments Act, and all applicable state or local law. Navan will reasonably accommodate qualified individuals with a disability in connection with applications for employment as required by law.

Please review Navan's Candidate Privacy Notice here.

Job Search Best Practices

We have been made aware of recruitment scams involving fraudulent attempts to lure job seekers into sending money or personal information in return for fake job offers or coerce them into purchasing equipment by electronic funds transfer (Zelle, Venmo, etc.). Legitimate Navan recruiters will never ask for money in any recruitment or onboarding activities. All available job openings at Navan will be posted on Navan’s website and all Navan recruiters will be reachable through an email address ending in “@navan.com” or “@navan.tech” or "@talent.navan.com".