Security Governance & Risk Engineer
Company: [Employer hidden — sign up to reveal]
Location: London, UK
Department: Security, Risk & Fraud
Workplace Policy: On-site (4 days per week in office)
What You'll Do
- GRC Automation: Build and maintain automated workflows for risk assessments and audit evidence collection using modern APIs and AI coding assistants.
- Compliance-as-Code: Implement automated integrations (e.g., Tines, AWS Lambda) to monitor technical controls against frameworks like SOC 2, ISO 27001, and NIST CSF.
- Data Visualization: Develop and maintain real-time dashboards in tools like ThoughtSpot to provide visibility into security posture and compliance metrics.
- Program Automation & Integration: Build integrations between GRC platforms, awareness tools, and business systems—automating policy acknowledgments, training compliance tracking, evidence collection, and custom workflows where platform capabilities fall short.
- Technical Control Implementation: Translate security policies into technical control standards and automated validation scripts, ensuring policy requirements are continuously verified.
- Cross-Functional Collaboration: Partner with Legal, HR, and Engineering to collect technical requirements, build integrations, and ensure automated controls align with business needs.
What We're Looking For
- Experience: 4–6 years in GRC Engineering, Security Automation, or IT Compliance, with a track record of building automated solutions.
- Technical Proficiency: Comfortable writing and debugging code (Python, PowerShell, or JavaScript) and working with REST APIs/JSON structures.
- AI Tool Fluency: Active experience using AI tools (Gemini, GitHub Copilot, Claude, etc.) to accelerate coding, writing, and problem-solving.
- Cloud & Infra Knowledge: Hands-on experience with cloud environments (AWS or GCP) and serverless architectures (Lambda, Cloud Functions).
- GRC Platforms: Familiarity with tools such as AuditBoard, Vanta, Drata, or Archer, particularly regarding API integrations.
- Framework Expertise: Working knowledge of SOC 2, ISO 27001, and NIST CSF, with the ability to translate requirements into technical controls.
- Operational Mindset: Proven ability to manage multiple concurrent engineering initiatives, from building compliance automations to developing policy management systems, in a fast-paced environment.
- Communication: Strong written and verbal skills to document technical implementations, collaborate with stakeholders, and translate business requirements into technical solutions.
About [Employer hidden — sign up to reveal]
[Employer hidden — sign up to reveal] (Nasdaq: NAVN) is the leading all-in-one business travel, payments, and expense management platform that makes travel easy for frequent travelers. From finding flights and hotels to automating expense reconciliation, with 24/7 support along the way, [Employer hidden — sign up to reveal] delivers an intuitive experience travelers love and finance teams rely on. See how [Employer hidden — sign up to reveal] customers benefit and learn more at [Employer hidden].com.
Founded in 2015 by Ariel Cohen and Ilan Twig as [Employer hidden — sign up to reveal], [Employer hidden — sign up to reveal] reported $613M in LTM revenue and $7.6B in LTM gross booking volume, each for the twelve months ended July 31, 2025.
Workplace Policy
[Employer hidden — sign up to reveal] believes in the value of in-person connections. Our employees work from the office four days a week. This policy applies to all roles tied to an office, including this London-based position.
Equal Opportunity
[Employer hidden — sign up to reveal] is an equal opportunity employer. We provide equal employment opportunity to all applicants and employees without discrimination. If you need assistance or accommodations due to a disability, email [Employer hidden — sign up to reveal].