Easy Apply
Easy Apply
Lead end-to-end incident response: triage, containment, evidence capture, and root-cause analysis. Build SOAR automation with Tines, tune detections in CrowdStrike and SIEM/SOAR, monitor data risks with Cyberhaven DLP, partner on secure cloud telemetry and playbooks, evaluate emergent threats, and participate in incident on-call rotation while coordinating cross-functional remediation.
At Navan, you will serve as the technical lead for our incident response lifecycle, driving the containment and remediation of security threats across our multi-cloud infrastructure, products, and operational environments. You will balance hands-on technical investigations with the leadership required to coordinate response efforts, leveraging a modern security stack to protect our global travel and expense platform.
What You’ll Do:
- Incident Response Leadership: Act as the primary Incident Lead during high-severity events. Own the end-to-end response lifecycle: driving triage, containment, evidence capture, and post-incident root-cause analysis.
- Automation & SOAR Engineering: Use Tines to build and design workflows that automate triage, enrichment, and containment actions, significantly reducing operational toil and improving time-to-contain.
- Detection & Endpoint Monitoring: Manage and fine-tune detection rule lifecycles utilizing CrowdStrike EDR and SIEM/SOAR capabilities to maintain high-precision, low-latency coverage against modern adversary tradecraft.
- Data Protection & Visibility: Monitor and respond to data risks across endpoints, identity, and SaaS applications using Cyberhaven DLP. Identify gaps in IAM and vulnerability management and advocate for direct fixes.
- Architecture Partnership: Partner with infrastructure owners to ensure new systems ship across all cloud environments with the right telemetry, encryption, authentication, and response playbooks from day one.
- Emergent Threats: Evaluate and design response strategies for frontier security concerns, such as automated agents or bots operating across infrastructure at scale.
- On-Call Rotation: Actively participate in the scheduled Incident Response on-call rotation, ensuring reliable coverage and operational readiness for emergent threats.
What We’re Looking For:
- 5+ years of experience in a dedicated Incident Response, SOC, or Security Engineering role, with a proven track record of leading high-severity incident containment in fast-paced environments
- Strong familiarity with the MITRE ATT&CK framework, modern adversary tactics, techniques, and procedures (TTPs), and common attack vectors targeting SaaS platforms
- Proven experience managing and tuning detection logic within CrowdStrike Falcon (or equivalent enterprise EDR/XDR) and enterprise SIEM platforms.
- Excellent leadership skills with the ability to remain calm under pressure, coordinate cross-functional teams (Engineering, Legal, PR), and clearly communicate complex technical risks to stakeholders.
The posted pay range represents the anticipated low and high end of the compensation for this position and is subject to change based on business need. To determine a successful candidate’s starting pay, we carefully consider a variety of factors, including primary work location, an evaluation of the candidate’s skills and experience, market demands, and internal parity.
For roles with on-target-earnings (OTE), the pay range includes both base salary and target incentive compensation. Target incentive compensation for some roles may include a ramping draw period. Compensation is higher for those who exceed targets. Candidates may receive more information from the recruiter.
Pay Range
$113,400—$252,000 USD
Navan Palo Alto, California, USA Office
3045 Park Blvd, Palo Alto, CA, United States, 94304
Navan San Francisco, California, USA Office
181 Fremont St. 23rd Floor , San Francisco, CA, United States, 94105
Similar Jobs at Navan
.png)
Fintech • Information Technology • Payments • Productivity • Software • Travel • Automation
Provide best-in-class travel support across chat, call, and email; manage hotel, flight, car and rail bookings; maintain supplier and system knowledge; resolve issues within SLA; advise on fares, ticketing, and compliance; provide feedback to product teams and meet performance metrics.
Top Skills:
AmadeusArcBspEmdGlobal Distribution System (Gds)McoNavan PlatformNdcPnrSabre
Fintech • Information Technology • Payments • Productivity • Software • Travel • Automation
Lead and scale the product security program by embedding security into the SDLC, performing threat modeling and architecture reviews, building security-as-code tooling and CI integrations, conducting application/cloud/mobile testing, mentoring engineers, and driving remediation and security ownership across product teams.
Top Skills:
AngularAWSCi/CdContainersCSSDastDockerGitGithub ActionsHibernateIastJava Spring FrameworkJavaScriptJenkinsJIRAKubernetesMicroservicesSastScaTerraform
Fintech • Information Technology • Payments • Productivity • Software • Travel • Automation
The Income Tax Manager will lead tax provision and compliance processes, manage workflows, provide insights on tax implications, and drive improvements. Strong communication skills are essential in this collaborative role.
Top Skills:
Accounting SystemsAsc 740ExcelGoogle Suite
What you need to know about the San Francisco Tech Scene
San Francisco and the surrounding Bay Area attracts more startup funding than any other region in the world. Home to Stanford University and UC Berkeley, leading VC firms and several of the world’s most valuable companies, the Bay Area is the place to go for anyone looking to make it big in the tech industry. That said, San Francisco has a lot to offer beyond technology thanks to a thriving art and music scene, excellent food and a short drive to several of the country’s most beautiful recreational areas.
Key Facts About San Francisco Tech
- Number of Tech Workers: 365,500; 13.9% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Google, Apple, Salesforce, Meta
- Key Industries: Artificial intelligence, cloud computing, fintech, consumer technology, software
- Funding Landscape: $50.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Sequoia Capital, Andreessen Horowitz, Bessemer Venture Partners, Greylock Partners, Khosla Ventures, Kleiner Perkins
- Research Centers and Universities: Stanford University; University of California, Berkeley; University of San Francisco; Santa Clara University; Ames Research Center; Center for AI Safety; California Institute for Regenerative Medicine
