At a Glance
- Tasks: Ensure compliance with global security regulations and support audits and assessments.
- Company: Join Navan, a leader in secure global travel and expense solutions.
- Benefits: Flexible working hours, competitive salary, and opportunities for professional growth.
- Other info: Collaborative environment with global teams and potential for career advancement.
- Why this job: Play a vital role in safeguarding platforms and maintaining customer trust.
- Qualifications: 3+ years in information security compliance and a technical background.
The predicted salary is between £50,000 and £65,000 per year.
About the Role
The Security Compliance Analyst will work as a critical part of the Security Compliance Team, operating within the wider Navan Governance, Risk, Compliance, and Trust (GRCT) Team. In this role, you will ensure our continued compliance with global security regulations and industry frameworks—including GDPR, Sarbanes-Oxley ITGCs, ISO 27001, PCI DSS, and SOC 1/SOC 2. Acting as a key bridge between technical engineering teams, end users, external assessors, and international business units, you will play an essential part in safeguarding our platforms, maintaining customer trust, and scaling Navan’s global operations securely.
What You’ll Do
In this role, you will protect and enhance Navan's security posture, directly furthering our company goal of providing a secure, world-class global travel and expense platform. Your typical responsibilities will include:
- Coordinating and supporting internal and external security audits, technical assessments, and penetration tests across our environments.
- Partnering closely with US-based compliance auditors and external audit firms; this includes a flexible schedule to work late (until 9:00 PM–10:00 PM) a few days per month on specific alignment days to facilitate direct collaboration with US teams.
- Managing audit findings and remediation tracking items to ensure compliance issues and non-conformities are resolved in a timely manner.
- Performing regular testing of security compliance controls to identify operational deficiencies, track Key Performance Indicators (KPIs), and report on overall compliance health and continuous improvements.
- Partnering with engineering teams to gather and implement automated evidence collection workflows, utilizing JIRA and AI platforms to drive efficiency and reduce manual overhead.
- Translating complex technical security requirements into clear, actionable business language to collaborate effectively with internal technical teams and external stakeholders at all levels.
What We’re Looking For
Experience: Minimum of 3 years of hands-on experience in information security compliance, ideally paired with a technical background (such as experience as a developer, software engineer, or systems administrator).
Framework Expertise: Strong working understanding of Sarbanes-Oxley 404 IT General Controls (ITGCs) and the PCI DSS, alongside familiarity with frameworks like ISO 27001, Cyber Essentials Plus, NIST CSF, or SOC 1 and SOC 2.
Tools & Systems: Practical experience using GRC software (e.g., Optro/AuditBoard, SafeBase) alongside standard ticketing platforms like JIRA.
Core Skills & Flexibility: Excellent attention to detail, a proactive approach to problem-solving, and the flexibility to adapt your working hours monthly to accommodate collaboration with US-based auditing bodies.
Education & Certifications: A degree-level education in Cybersecurity, Computer Science, or a related field (or equivalent practical experience); industry certifications like CompTIA Security+, ISO 27001 Lead Auditor, or ISC2 CGRC are highly advantageous.
Bonus: As Navan works with colleagues around the globe, proficiency in French, Spanish, Italian, or German is highly beneficial.
Security Compliance Analyst in London employer: Navan
Navan is an exceptional employer that prioritises employee growth and development within a dynamic work culture. As a Security Compliance Analyst, you will benefit from flexible working hours to collaborate with international teams, access to cutting-edge tools, and opportunities to enhance your skills in a supportive environment focused on compliance and security excellence.
StudySmarter Expert Advice🤫
We think this is how you could land Security Compliance Analyst in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at events. A friendly chat can open doors that a CV just can't.
✨Tip Number 2
Prepare for interviews by researching the company and its compliance needs. Show them you know your stuff about GDPR, PCI DSS, and all that jazz!
✨Tip Number 3
Practice your answers to common interview questions, especially those around security compliance scenarios. We want you to sound confident and knowledgeable!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to get noticed and show us you’re serious about joining the team.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Security Compliance Analyst role. Highlight your experience with security regulations and frameworks like GDPR and ISO 27001, as well as any relevant technical background. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about security compliance and how your experience makes you a great fit for our team. Don’t forget to mention your flexibility in working hours to collaborate with US teams.
Showcase Your Problem-Solving Skills: In your application, give examples of how you've tackled compliance issues or improved security processes in the past. We love seeing proactive problem-solvers who can translate complex requirements into clear actions!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at StudySmarter!
How to prepare for a job interview at Navan
✨Know Your Frameworks
Make sure you brush up on your knowledge of security frameworks like GDPR, PCI DSS, and ISO 27001. Be ready to discuss how you've applied these in past roles or how you would approach compliance challenges using these frameworks.
✨Showcase Your Technical Skills
Since this role requires a blend of compliance and technical expertise, be prepared to talk about your hands-on experience with GRC software and ticketing platforms like JIRA. Highlight any projects where you’ve automated processes or improved compliance workflows.
✨Communicate Clearly
As a bridge between technical teams and business units, your ability to translate complex security requirements into simple language is crucial. Practice explaining technical concepts in layman's terms, so you can demonstrate your communication skills during the interview.
✨Flexibility is Key
Given the need to collaborate with US-based teams, be ready to discuss your availability for flexible working hours. Show that you understand the importance of this aspect and are willing to adapt your schedule to meet the team's needs.