Security Governance Analyst

Benefits

Parental leave

Not verified

Non-birth-parent leave

Not verified

Family-building benefits

• Fertility benefits: Not verified
• Adoption assistance: Not verified
• Surrogacy assistance: Not verified

Mental health support

Not verified

Relocation assistance

Not verified

Childcare support

Not verified

Learning budget

Not verified

Verification

Not verified

Salary

Not verified

Was this benefit information wrong? Tell us.

Schedule

Shift type

Not verified

Weekend work

Not verified

Company

Company stage

Public-company Verified - from the job posting source checked Jun 20, 2026

Equity

Offered Verified - SEC 10-K source checked Jun 20, 2026

Application

Cover letter

Not verified

Assessment

Not verified

Deadline

Not stated

Where they hire

State eligibility is not yet verified.

About this role

Security Governance Analyst London, UK Navan is looking for a Security Governance & Awareness Analyst to join our team and execute the day-to-day operations of our security awareness programs and policy management lifecycle. You will own the operational delivery of phishing simulations, targeted training campaigns, and policy review cycles-focusing on defending against modern threats like AI-generated social engineering while maintaining our regulatory and compliance posture. Sitting at the intersection of Security Culture and Compliance, you will be responsible for operational execution while collaborating closely with your manager on program strategy. This is a role for someone with strong program management skills, excellent communication abilities, and an eye for detail-with increasing emphasis on leveraging AI tools to amplify impact and efficiency. What You'll Do: Security Awareness Operations: Lead the day-to-day execution of phishing simulations and mandatory training, focusing on modern threats like AI-generated social engineering, deepfake audio/video, and sophisticated LLM-based phishing. Targeted Training Programs: Develop and deliver specialized training for high-risk employee groups (e.g., Helpdesk, Sales, Call Centers) to defend against account takeover, identity verification bypass, and customer data targeting. Policy Lifecycle Management: Own the operational cycle for all security policies, standards, and procedures-ensuring documents are reviewed, updated, and published on schedule with proper version control and stakeholder feedback. Compliance Documentation: Maintain the centralized policy repository and ensure policies align with SOC 2, ISO 27001, PCI-DSS, and evolving AI governance standards for audit readiness. Security Communications: Design and distribute internal security alerts, manage the security and compliance newsletter, and create engaging

Read the full description at navan.com. FewerJobs shows a preview and links to the original posting.