Security GRC Engineer: AI-Powered Compliance & Automation

Full-Time | 60000 - 80000 £ / year (est.) | Home office (partial)
Navan

At a Glance

  • Tasks: Automate security compliance and build innovative solutions using AI tools.
  • Company: Join a forward-thinking tech company focused on security and automation.
  • Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
  • Other info: Dynamic role with a blend of technical and program management responsibilities.
  • Why this job: Make a real impact in security while leveraging cutting-edge AI technology.
  • Qualifications: 4-6 years in GRC Engineering with coding skills in Python or JavaScript.

The predicted salary is between 60000 - 80000 £ per year.

Requirements

  • Experience: 4–6 years in GRC Engineering, Security Automation, or IT Compliance, with a track record of building automated solutions.
  • Technical Proficiency: Comfortable writing and debugging code (Python, PowerShell, or JavaScript) and working with REST APIs/JSON structures.
  • AI Tool Fluency: Active experience using AI tools (Gemini, GitHub Copilot, Claude, etc.) to accelerate coding, writing, and problem-solving.
  • Cloud & Infra Knowledge: Hands-on experience with cloud environments (AWS or GCP) and serverless architectures (Lambda, Cloud Functions).
  • GRC Platforms: Familiarity with tools such as Auditboard, Vanta, Drata, or Archer, particularly regarding API integrations.
  • Framework Expertise: Working knowledge of SOC 2, ISO 27001, and NIST CSF, with the ability to translate requirements into technical controls.
  • Operational Mindset: Proven ability to manage multiple concurrent engineering initiatives, from building compliance automations to developing policy management systems, in a fast-paced environment.
  • Communication: Strong written and verbal skills to document technical implementations, collaborate with stakeholders, and translate business requirements into technical solutions.

What the job involves

Navan is looking for a Security Governance & Risk Engineer to join our team as we evolve from manual processes to automated, scalable security systems. You will own the operational execution of our governance automation infrastructure, compliance monitoring, and security program platforms—using AI and automation as your primary force multipliers. Sitting at the intersection of Security Engineering, Compliance, and Security Culture, you will execute day-to-day operations while collaborating closely with your manager on technical strategy. This is a unique hybrid role for someone who possesses both technical engineering capabilities and strong program management skills, with a heavy emphasis on leveraging AI tools (like Claude, Gemini, and GitHub Copilot) to amplify impact.

  • GRC Automation: Build and maintain automated workflows for risk assessments and audit evidence collection using modern APIs and AI coding assistants.
  • Compliance-as-Code: Implement automated integrations (e.g., Tines, AWS Lambda) to monitor technical controls against frameworks like SOC 2, ISO 27001, and NIST CSF.
  • Data Visualization: Develop and maintain real-time dashboards in tools like ThoughtSpot to provide visibility into security posture and compliance metrics.
  • Program Automation & Integration: Build integrations between GRC platforms, awareness tools, and business systems—automating policy acknowledgments, training compliance tracking, evidence collection, and custom workflows where platform capabilities fall short.
  • Technical Control Implementation: Translate security policies into technical control standards and automated validation scripts, ensuring policy requirements are continuously verified.
  • Cross-Functional Collaboration: Partner with Legal, HR, and Engineering to collect technical requirements, build integrations, and ensure automated controls align with business needs.

Security GRC Engineer: AI-Powered Compliance & Automation employer: Navan

Navan is an exceptional employer that fosters a dynamic work culture centred around innovation and collaboration. With a strong emphasis on employee growth, we provide opportunities to enhance your skills in cutting-edge technologies like AI and cloud environments, all while working in a supportive team that values your contributions. Located in a vibrant tech hub, our hybrid role as a Security GRC Engineer offers the unique advantage of blending technical expertise with program management, ensuring you play a pivotal role in shaping our automated security systems.

Navan

Contact Details:

Navan Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Security GRC Engineer: AI-Powered Compliance & Automation

Tip Number 1

Network like a pro! Reach out to folks in the industry on LinkedIn or at meetups. We all know that sometimes it’s not just what you know, but who you know that can get you in the door.

Tip Number 2

Show off your skills! Create a portfolio or GitHub repo showcasing your projects, especially those involving AI tools and automation. We want to see how you’ve tackled real-world problems with your coding prowess.

Tip Number 3

Prepare for interviews by practising common questions related to GRC and security automation. We recommend doing mock interviews with friends or using online platforms to boost your confidence and refine your answers.

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are genuinely interested in joining our team.

We think you need these skills to ace Security GRC Engineer: AI-Powered Compliance & Automation

GRC Engineering
Security Automation
IT Compliance
Python
PowerShell
JavaScript
REST APIs

Some tips for your application 🫡

Tailor Your CV: Make sure your CV speaks directly to the job description. Highlight your experience in GRC Engineering and any automation projects you've worked on. We want to see how your skills align with what we're looking for!

Show Off Your Technical Skills: Don’t hold back on showcasing your coding abilities! If you’ve got experience with Python, PowerShell, or JavaScript, let us know. Mention any AI tools you've used too, as they’re a big part of what we do here at StudySmarter.

Demonstrate Your Operational Mindset: We love candidates who can juggle multiple projects! Share examples of how you've managed engineering initiatives in fast-paced environments. This will show us that you can thrive in our dynamic team.

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates from us during the process!

How to prepare for a job interview at Navan

Know Your Tech Inside Out

Make sure you’re well-versed in the technical skills listed in the job description. Brush up on your coding skills in Python, PowerShell, or JavaScript, and be ready to discuss how you've used these languages in past projects. Familiarity with REST APIs and JSON structures will also give you an edge.

Showcase Your AI Tool Experience

Since the role emphasises using AI tools like Gemini and GitHub Copilot, come prepared with examples of how you've leveraged these tools in your work. Discuss specific projects where AI helped you solve problems or automate tasks, demonstrating your ability to integrate technology into compliance processes.

Understand GRC Frameworks

Familiarise yourself with SOC 2, ISO 27001, and NIST CSF frameworks. Be ready to explain how you’ve translated these requirements into technical controls in previous roles. This shows that you not only understand the frameworks but can also apply them practically.

Communicate Clearly and Confidently

Strong communication skills are key for this role. Practice explaining complex technical concepts in simple terms, as you’ll need to collaborate with various stakeholders. Prepare to discuss how you document technical implementations and ensure everyone is on the same page.