The Staff Full-stack Software Engineer in Security will be responsible for securing Navan products by identifying unaddressed areas of weakness and driving cleverly engineered, scalable solutions that improve our defense-in-depth.
Requirements
- 8+ years of experience as a software engineer with technical-leadership responsibilities
- Prior experience architecting, building, launching and maintaining complex systems
- Experience working in an Agile environment using technologies such as: Java Spring Framework (3+ years), Hibernate or similar ORM technologies, JavaScript/Typescript, and React
- Containers (Docker, Kubernetes, or similar)
- Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar)
- Continuous integration (Github Actions or similar)
- Integration of Security testing tools into CI pipelines
- Defect tracking (Jira, ServiceNow, or similar)
- Source code management (GitLab, GitHub, or similar)
- Cloud environment (AWS, or similar)
Benefits
- Knowledge of modern authentication mechanisms like SAML, JWT, OIDC connect, Passkey
- Knowledge of authorization frameworks for complex multi-tenant SaaS applications
- Knowledge of cryptographic primitives
- Knowledge of application security issues and tools
- Knowledge of compliance requirements for industry-standard certifications like PCI DSS, SOC2, HIPAA, and FedRAMP