At a Glance
- Tasks: Ensure compliance with global security regulations and support audits to protect our platforms.
- Company: Join Navan, a leader in secure global travel and expense solutions.
- Benefits: Enjoy flexible time off, healthcare, and equity plans for your financial growth.
- Other info: Work in a dynamic office environment with great team culture and perks.
- Why this job: Make a real impact on security while collaborating with diverse teams worldwide.
- Qualifications: 3+ years in information security compliance; technical background preferred.
The predicted salary is between £50,000 and £60,000 per year.
The Security Compliance Analyst will work as a critical part of the Security Compliance Team, operating within the wider Navan Governance, Risk, Compliance, and Trust (GRCT) Team. In this role, you will ensure our continued compliance with global security regulations and industry frameworks—including GDPR, Sarbanes‑Oxley ITGCs, ISO 27001, PCI DSS, and SOC 1/SOC 2. Acting as a key bridge between technical engineering teams, end users, external assessors, and international business units, you will play an essential part in safeguarding our platforms, maintaining customer trust, and scaling Navan’s global operations securely.
What You’ll Do
- Coordinating and supporting internal and external security audits, technical assessments, and penetration tests across our environments.
- Partnering closely with US‑based compliance auditors and external audit firms; this includes a flexible schedule to work late (until 9:00 PM–10:00 PM) a few days per month on specific alignment days to facilitate direct collaboration with US teams.
- Managing audit findings and remediation tracking items to ensure compliance issues and non‑conformities are resolved in a timely manner.
- Performing regular testing of security compliance controls to identify operational deficiencies, track Key Performance Indicators (KPIs), and report on overall compliance health and continuous improvements.
- Partnering with engineering teams to gather and implement automated evidence collection workflows, utilizing JIRA and AI platforms to drive efficiency and reduce manual overhead.
- Translating complex technical security requirements into clear, actionable business language to collaborate effectively with internal technical teams and external stakeholders at all levels.
What We’re Looking For
- Experience: Minimum of 3 years of hands‑on experience in information security compliance, ideally paired with a technical background (such as experience as a developer, software engineer, or systems administrator).
- Framework Expertise: Strong working understanding of Sarbanes‑Oxley 404 IT General Controls (ITGCs) and the PCI DSS, alongside familiarity with frameworks like ISO 27001, Cyber Essentials Plus, NIST CSF, or SOC 1 and SOC 2.
- Tools & Systems: Practical experience using GRC software (e.g., Optro/AuditBoard, SafeBase) alongside standard ticketing platforms like JIRA.
- Core Skills & Flexibility: Excellent attention to detail, a proactive approach to problem‑solving, and the flexibility to adapt your working hours monthly to accommodate collaboration with US‑based auditing bodies.
- Education & Certifications: A degree‑level education in Cybersecurity, Computer Science, or a related field (or equivalent practical experience); industry certifications like CompTIA Security+, ISO 27001 Lead Auditor, or ISC2 CGRC are highly advantageous.
- Bonus: Proficiency in French, Spanish, Italian, or German is highly beneficial.
Our Benefits
Navan offers a comprehensive benefits program designed to support your well‑being, financial security, and life outside of work. Our benefits, thoughtfully tailored by country to meet local needs, include healthcare coverage, insurance offerings, and wellness resources for you and your family. We support long‑term financial growth through retirement savings programs and opportunities to participate in our equity plans, so you can share in Navan’s success. To promote balance, we offer flexible time off, country‑specific holidays, and paid parental leave for all new parents. Additional benefits include connectivity and commuting support, mental health resources, and exclusive travel‑related perks. Wherever you’re based, our benefits evolve with you.
Workplace Policy
Navan believes in the value of in‑person connections, whether that’s sitting down to have lunch with one another, taking a walking 1:1, or collaborating in a room together. The connections forged through face‑to‑face interactions improve company culture and drive business results. Navan invests in global office spaces — in the U.S., Europe, and Asia, among others — that feel welcoming. In‑office perks such as company‑provided lunches and happy hours create a strong team environment to help you do your best work. Our employees work from the office four days a week. Please expect this policy for all roles that are tied to an office.
Equal Opportunity
Navan is an equal opportunity employer. We make all employment decisions based solely on merit. We provide equal employment opportunity to all applicants and employees without discrimination on the bases of race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We prohibit any such discrimination or harassment. This policy applies to all terms and conditions of employment, including hiring.
Accommodations
Navan complies with the Americans with Disabilities Act (ADA), as amended by the ADA Amendments Act, and all applicable state or local law. Navan will reasonably accommodate qualified individuals with a disability in connection with applications for employment as required by law.
Security Compliance Analyst employer: Traveltechessentialist
Navan is an exceptional employer that prioritises employee well-being and professional growth, offering a comprehensive benefits package tailored to local needs, including healthcare, retirement savings, and flexible time off. With a strong emphasis on collaboration and in-person connections, our vibrant workplace culture fosters teamwork and innovation, making it an ideal environment for Security Compliance Analysts to thrive and contribute to our mission of providing a secure global travel and expense platform.
StudySmarter Expert Advice🤫
We think this is how you could land the Security Compliance Analyst role
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend events, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their security compliance needs and be ready to discuss how your experience aligns with their goals. Show them you’re not just another candidate!
✨Tip Number 3
Practice your responses to common interview questions, especially those related to compliance frameworks like GDPR and PCI DSS. Use real-life examples from your past work to demonstrate your expertise and problem-solving skills.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re genuinely interested in being part of our team at Navan.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Security Compliance Analyst role. Highlight your experience with security regulations and frameworks like GDPR and ISO 27001, as well as any relevant technical skills. We want to see how your background aligns with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about security compliance and how your skills can help us at Navan. Be sure to mention any specific experiences that relate to the job description.
Showcase Your Problem-Solving Skills: In your application, don’t forget to highlight your proactive approach to problem-solving. Share examples of how you've tackled compliance issues or improved processes in previous roles. We love seeing candidates who can think on their feet!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at Navan!
How to prepare for a job interview at Traveltechessentialist
✨Know Your Frameworks
Make sure you brush up on your knowledge of Sarbanes-Oxley, PCI DSS, and ISO 27001. Be ready to discuss how these frameworks apply to the role and share any relevant experiences you've had with compliance audits or technical assessments.
✨Showcase Your Technical Skills
Since a technical background is essential, be prepared to talk about your experience as a developer or systems administrator. Highlight any tools you've used, like GRC software or JIRA, and how they helped you in previous roles.
✨Communicate Clearly
You'll need to translate complex security requirements into business language, so practice explaining technical concepts in simple terms. This will demonstrate your ability to bridge the gap between technical teams and stakeholders.
✨Flexibility is Key
Given the need to collaborate with US-based teams, be ready to discuss your availability for flexible working hours. Show that you're adaptable and willing to accommodate different time zones to ensure smooth communication and collaboration.