Staff Product Security Engineer

Navan

Hybrid

Quick summary

Work type: Hybrid
Location:
Salary: $135,000–$300,000 / yr
Posted: 9 days ago

Market check

Salary context

Above market

How this pay compares to similar roles

[Chart: similar roles $188k; this role $218k; axis from $115k to $320k, with a shaded band where most similar roles pay.]

This role pays more than 75% of similar roles. Most pay $157,125–$219,031 — the shaded band above. At the midpoint, this role pays about $218k versus about $188k for comparable roles.

Based on 240 similar postings.

Employer

About Navan

Navan (formerly TripActions) is a travel and expense management platform that provides corporate travel booking, expense management, and card solutions to simplify business travel for enterprises.

Industry: Travel Management & Financial Technology


At a glance

TL;DR · Staff Product Security Engineer

As a Staff Product Security Engineer at Navan, you will join the Director of Product Security and Security Engineering’s team to lead the development and scaling of an application security program. Your daily responsibilities include serving as the architectural lead for high-priority initiatives, conducting threat modeling, recommending remediations, and developing custom automated security solutions. You will also mentor junior engineers, integrate security testing tools into CI pipelines, and provide training early in the software development lifecycle to foster a ‘shift left’ culture. The role requires expertise in cloud environments like AWS, application security testing tools, infrastructure as code with Terraform, Java Spring Framework, Docker, Kubernetes, Jenkins, GitHub, and Jira, along with deep knowledge of common security threats and secure SaaS architecture in containerized microservices. This position demands advanced technical leadership and strong communication skills to influence all levels of the organization, ensuring continuous product security for Navan’s customer-facing products and internal tools.

What you'll do

  • Lead the expansion and maturation of the S-SDLC program across the organization.
  • Review product designs for security defects, perform threat modeling, and recommend remediations.
  • Develop custom automated security solutions to integrate into development pipelines.
  • Provide training and guidance on security best practices early in the SSDLC.
  • Cultivate a culture of security ownership within product teams and engineering groups.
  • Identify and mitigate security vulnerabilities proactively across Navan’s customer-facing products.

What we're looking for

  • 8+ years of experience in Technical Product Security with significant impact on SSDLC.
  • Proven expertise in threat modeling, architecture reviews, and penetration testing for complex applications.
  • Strong track record of delivering critical product security initiatives across the organization.
  • Experience mentoring junior engineers and leading cross-functional technical projects.
  • Deep knowledge of cloud environments (AWS), application security tools, and CI/CD pipelines.
  • Proficiency with Java Spring Framework, JavaScript/CSS, Angular, Docker, Kubernetes, and Terraform.
