Staff Full-Stack Software Engineer, Security

The Staff Full-stack Software Engineer in Security will be responsible for securing Navan products by identifying unaddressed areas of weakness and driving cleverly engineered, scalable solutions that improve our defense-in-depth.

Requirements

• 8+ years of experience as a software engineer with technical-leadership responsibilities
• Prior experience architecting, building, launching and maintaining complex systems
• Experience working in an Agile environment using technologies such as: Java Spring Framework (3+ years), Hibernate or similar ORM technologies, JavaScript/Typescript, and React
• Containers (Docker, Kubernetes, or similar)
• Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar)
• Continuous integration (Github Actions or similar)
• Integration of Security testing tools into CI pipelines
• Defect tracking (Jira, ServiceNow, or similar)
• Source code management (GitLab, GitHub, or similar)
• Cloud environment (AWS, or similar)

Benefits

• Knowledge of modern authentication mechanisms like SAML, JWT, OIDC connect, Passkey
• Knowledge of authorization frameworks for complex multi-tenant SaaS applications
• Knowledge of cryptographic primitives
• Knowledge of application security issues and tools
• Knowledge of compliance requirements for industry-standard certifications like PCI DSS, SOC2, HIPAA, and FedRAMP