Sr. Security Engineer, Incident Response

Navan


Job Location:

San Francisco, CA - USA

Monthly Salary: Not Disclosed
Posted on: Yesterday
Vacancies: 1 Vacancy

Job Summary

At Navan, you will serve as the technical lead for our incident response lifecycle, driving the containment and remediation of security threats across our multi-cloud infrastructure, products, and operational environments. You will balance hands-on technical investigations with the leadership required to coordinate response efforts, leveraging a modern security stack to protect our global travel and expense platform.

What You'll Do:
  • Incident Response Leadership: Act as the primary Incident Lead during high-severity events. Own the end-to-end response lifecycle: driving triage, containment, evidence capture, and post-incident root-cause analysis.
  • Automation & SOAR Engineering: Use Tines to build and design workflows that automate triage, enrichment, and containment actions, significantly reducing operational toil and improving time-to-contain.
  • Detection & Endpoint Monitoring: Manage and fine-tune detection rule lifecycles, utilizing CrowdStrike EDR and SIEM/SOAR capabilities to maintain high-precision, low-latency coverage against modern adversary tradecraft.
  • Data Protection & Visibility: Monitor and respond to data risks across endpoints, identity, and SaaS applications using Cyberhaven DLP. Identify gaps in IAM and vulnerability management and advocate for direct fixes.
  • Architecture Partnership: Partner with infrastructure owners to ensure new systems ship across all cloud environments with the right telemetry, encryption, authentication, and response playbooks from day one.
  • Emergent Threats: Evaluate and design response strategies for frontier security concerns such as automated agents or bots operating across infrastructure at scale.
  • On-Call Rotation: Actively participate in the scheduled Incident Response on-call rotation, ensuring reliable coverage and operational readiness for emergent threats.

What We're Looking For:

  • 5 years of experience in a dedicated Incident Response, SOC, or Security Engineering role with a proven track record of leading high-severity incident containment in fast-paced environments
  • Strong familiarity with the MITRE ATT&CK framework, modern adversary tactics, techniques, and procedures (TTPs), and common attack vectors targeting SaaS platforms
  • Proven experience managing and tuning detection logic within CrowdStrike Falcon (or equivalent enterprise EDR/XDR) and enterprise SIEM platforms.
  • Excellent leadership skills with the ability to remain calm under pressure, coordinate cross-functional teams (Engineering, Legal, PR), and clearly communicate complex technical risks to stakeholders.

Required Experience:

Senior IC

About Company

Streamline your corporate travel management and expense processes in one app. Save time, gain efficiency, and reduce costs with this powerful, all-in-one solution.
