Detection And Response Engineer

At Navan, you will build and evolve Detection & Response (D&R) capabilities across our infrastructure, products, and research environments. This role focuses on high-signal detection and reliable operational response to ensure the security of our global travel and expense platform.

What You'll Do:

• Detection Engineering: Build and manage the lifecycle of detection rules, focusing on measurement/quality loops (coverage, precision, latency) and safe rollout patterns.
• Automated Response: Build workflows that reduce toil (triage, enrichment, containment) using SIEM tools (e.g., Splunk, Sentinel), EDR/XDR, and automation to improve time-to-contain.
• Incident Management: Actively participate in the Incident Response lifecycle. You will detect, analyze, and remediate security threats and participate in a scheduled on-call rotation.
• Secure Architecture: Partner with infrastructure owners to ensure new systems ship with the right telemetry, encryption, authentication, and response playbooks from day one.
• Visibility & Governance: Drive visibility across endpoints, identity, SaaS, and cloud; identify gaps in IAM and vulnerability management and advocate for direct fixes.
• Emergent Threats: Evaluate and respond to frontier security concerns, such as detection strategies for automated agents operating across infrastructure at scale. 

What We're Looking For:

• Technical Foundation: Deep knowledge of network, cloud, and endpoint security, with hands-on experience in firewalls and vulnerability management.
• Operational Experience: Direct experience in Incident Response (IR). You are comfortable performing log analysis, threat hunting, and forensics while applying the MITRE ATT&CK framework.
• Threat Modeling: Ability to evaluate new features, identify "what could go wrong," and turn those risks into concrete telemetry and response requirements.
• Multi-Cloud Proficiency: Experience across major platforms (Azure, AWS, GCP, OCI) and the ability to design cloud-agnostic detection approaches.
• Automation Mindset: Passion for replacing repetitive work with automation and scripting; you enjoy using AI/agent tooling to accelerate investigations.