StepSecurity
https://stepsecurity.ioAbout
StepSecurity is dedicated to enhancing CI/CD security by providing solutions to prevent pipeline attacks. Founded by seasoned security professionals with experience at Microsoft, Uber, and Plaid, StepSecurity addresses the security gaps highlighted by major breaches like SolarWinds and Codecov.
Founders:
- Varun Sharma: CEO & Co-Founder, formerly at Microsoft.
- Ashish Kurmi: CTO & Co-Founder, with experience at Plaid, Uber, and Microsoft.
Advisors:
- Sekhar Sarrukai, David Cross, Gagan Gulati, Jordan Harband, Ram Shankar Siva Kumar.
Investors:
StepSecurity is backed by leading VCs and notable angel investors, including Anmol Malhotra (Coinbase), Ash Devata (GreyNoise), and David Cross (Rain Capital).
Funding raised: $3M - Seed Funding
For more detailed information, visit - https://www.stepsecurity.io/team
Tech stack
Go Programming (Golang)
Amazon Web Services (AWS)
NodeJS (Node.js)Candid answers by the company
StepSecurity provides a comprehensive security platform for GitHub Actions
Product showcase
Photos
Company social profiles
Jobs at StepSecurity
Go Programming (Golang)Amazon Web Services (AWS)About StepSecurity
StepSecurity, a US-based cybersecurity startup prevents, detects, and responds to software supply chain attacks by analyzing behavior across the full software development lifecycle for both developers and AI coding agents. We are building a vertical AI agent for supply chain security across three pillars: securing AI agents on developer machines, OSS package security, and CI/CD security, covering the entire agentic pipeline from dev environment to cloud.
We are a 16-person team, founded by Varun Sharma (ex-Microsoft, 21 years, led supply chain security for Azure) and Ashish Kurmi (ex-Uber, Microsoft, Plaid, 17 years).
About the Job
We are seeking backend engineers to build and maintain our CI/CD security platform's backend systems and components (GitHub Actions). This high-impact role involves setting best practices and owning engineering processes, with contributions used by thousands of developers globally. Our primary languages are Golang and Node.js.
Requirements
- 2–5 years of experience, strong engineering fundamentals (cyber security background not mandatory), AI-native mindset, comfortable with a hands-on zero-to-one environment. We use Golang as our primary language.
- Must-haves: Golang backend programming; AWS/Azure/GCP background; scalable/fault-tolerant system design.
- For all engineering positions, prior early-stage startup experience is a must-have requirement.
- Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field.
- Solid understanding of software development principles, design patterns, and best practices.Expertise in building scalable and fault-tolerant systems.
- Strong collaborative and problem-solving skills.
- Self-motivated, creative thinker with a drive for continuous improvement.
- Experience in a startup or high-impact, outcome-driven environment.
Location
India remote. Candidates should be able to overlap a few hours with Pacific Time (PT) when working on urgent customer issues as required.
Responsibilities
- Design, develop, and maintain robust, scalable software solutions.
- Architect and implement CI/CD components (GitHub Actions).
- Deliver features incrementally in quick iterations.
- Write clean, efficient, and maintainable code following industry best practices.
- Conduct code reviews and provide constructive feedback.
- Troubleshoot and debug complex software issues promptly.
Why Join Us
- StepSecurity is at the forefront of supply chain security research and product development. We were the first to detect several major supply chain attacks in 2025 and 2026 such as the axios npm compromise, tj-actions, etc (https://www.stepsecurity.io/newsroom)
- Our research and findings are regularly cited by major publications such as Bloomberg, TechCrunch, Hacker News, and Dark Reading. The Cybersecurity and Infrastructure Security Agency (CISA), the primary cybersecurity agency for the US federal government, has published several cybersecurity advisories citing StepSecurity (e.g., https://www.cisa.gov/news-events/alerts/2025/09/23/widespread-supply-chain-compromise-impacting-npm-ecosystem)
- In addition to having several enterprise customers, StepSecurity has been adopted by more than 15,000 open-source projects, including projects from Microsoft, Google, Amazon, Datadog, and others.
- Engineers joining now get to work on hard, high-impact problems at the intersection of security, AI, and open source, with meaningful equity upside at an early stage.
Similar companies
About the company
We’re a UI/UX design company, super-powering businesses by crafting simple & delightful digital experiences.
We are designers, artists, creators, researchers, visualizers and observers; well a bunch of driven individuals with creative minds, working together as User Interface and User Experience Designers!
At Monsoonfish, we believe in working in an environment that suits each teammate, makes them feel comfortable and encourages them to become a better version of themselves at work and beyond. Our agency culture is open, liberal, accepting, outgoing, driven, focused, and the one that values work-life balance.
Jobs
9
About the company
About Us
Incubyte is an AI-first software development agency built on the principles of software craftsmanship—where how we build is just as important as what we build. We partner with organizations across stages, from enterprises looking to scale and modernize to early-stage founders bringing new ideas to life.
At Incubyte, AI is deeply integrated across the software development lifecycle to drive speed, efficiency, and smarter outcomes. Guided by Software Craftsmanship values and Extreme Programming practices, we combine high velocity with disciplined engineering to deliver reliable, high-impact solutions.
We don’t just build software—we incubate dedicated engineering teams. From designing systems to shaping team structures and organizational strategy, we enable our clients to launch and scale products that are relevant today and resilient for the future.
Whether you’re scaling an existing product, building from scratch, or optimizing manual processes, we help you move faster with confidence:
- Scale and modernize your product
- Launch quickly and iterate continuously
- Automate processes for non-linear growth
- Build systems that are stable, predictable, and measurable
Our approach is rooted in ownership. As a DevOps-driven organization, our engineers take responsibility for the entire lifecycle—from development to release—ensuring quality at every step.
Founded by product professionals, we bring a strong product mindset into services. We’re driven by curiosity, continuous learning, and a passion for building great software the right way.
We’re always looking for people who care deeply about code, craftsmanship, and growth. Join us if you’re excited to build, learn, and make an impact.
Jobs
7
About the company
Deep Tech Startup Focusing on Autonomy and Intelligence for Unmanned Systems. Guidance and Navigation, AI-ML, Computer Vision, Information Fusion, LLMs, Generative AI, Remote Sensing
Jobs
4
About the company
Jobs
6
About the company
Jobs
0
About the company
Jobs
8
About the company
We're Inferentics, an early-stage funded B2B EdTech startup building AI-powered exam analytics infrastructure for CBSE schools across India. Our core product ingests student exam data and turns it into diagnostic insights and recommended actions for teachers, HODs, and principals.
We have a live product, real school partners, and real data. Now we're building the team that takes us to scale.
We’re on a mission to improve learning outcomes for students in emerging markets. By partnering with schools we transform exam data into personalised learning paths for each student, tailored to their unique learning gaps.
Jobs
0
About the company
Kris replaces fragmented outbound with one intelligent sales window. Signal-based prospecting, prioritization & outreach. 15× more qualified meetings at 1/3 the cost.
Jobs
2
About the company
We are building the Operating System for Talent. At FAIHR, we believe the talent market has a clarity problem. People struggle to understand their strengths and career direction, while organizations rely on signals that reveal only a fraction of a person’s true potential. Through ReflectEngine™, our reflection-aware AI, we help individuals gain clarity about how they think, work, and grow, and help organizations uncover potential beyond keywords and resumes.
With FAIHR OS™, we bring together career clarity for individuals and intelligence for organizations in one unified platform. By combining verified data with behavioral and growth insights, we enable people to communicate their potential with confidence and help companies make more informed talent decisions. We are building the clarity layer the talent ecosystem has been missing.
Jobs
2
About the company
Jobs
2
