StepSecurity

About StepSecurity:

StepSecurity is a US-based cybersecurity startup focused on building the best Continuous Integration (CI) / Continuous Deployment (CD) security platform. With 30+ years of combined industry experience, our founders have built cybersecurity functions at companies like Microsoft, Uber, and Plaid. We are well-funded by Tier 1 VCs with deep expertise in cybersecurity and SaaS. Industry leaders like Google, Microsoft, AWS, and DataDog trust our platform to secure their CI/CD pipelines. Based in Seattle, Washington, we embrace a remote-first culture with flexible remote working opportunities. We take pride in our open-source contributions and a collaborative team environment. 

Why Join StepSecurity? 

• High Impact: Be part of a startup where your work directly impacts developers worldwide, including teams at leading organizations. 
• Innovative Work: You'll be building a cutting-edge CI/CD cybersecurity product used by thousands of developers globally. 
• Growth Opportunity: As an early team member, you’ll influence the company's technical direction and growth trajectory. 
• Open-Source Focus: Contribute to the open-source ecosystem while shaping the security standards of CI/CD pipelines

Role Description:

We seek full-time founding engineers with a background in NodeJS and Typescript to build and maintain our CI/CD security platform’s backend systems and components (GitHub Actions). This high-impact role involves setting best practices and owning engineering processes, with contributions used by thousands of developers globally. You will primarily help StepSecurity build a large marketplace of StepSecurity Maintained Actions. All StepSecurity Maintained Actions are open-source, and you will mainly be making open-source contributions. 

Responsibilities:

- Onboard new Maintained Actions. 

- Maintain existing Maintained Actions to make sure that they are free of known vulnerabilities. 

- Implement mature engineering processes to manage a large number of StepSecurity Maintained Actions.   

- Architect and implement GitHub Actions CI/CD components. 

- Deliver features incrementally in quick iterations. 

- Write clean, efficient, and maintainable code following industry best practices. 

- Conduct code reviews and provide constructive feedback. 

- Troubleshoot and debug complex software issues promptly. 

Qualifications: 

- 2 to 5 years of enterprise hands-on backend experience. 

- Proficiency in NodeJS & TypeScript. 

- Experience in other languages such as Golang and Python is a plus. 

- Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field. 

- Solid understanding of software development principles, design patterns, and best practices. 

- Strong collaborative and problem-solving skills. 

- Self-motivated, creative thinker with a drive for continuous improvement. 

- Experience in a startup or high-impact, outcome-driven environment. 

About the Company:

StepSecurity provides an industry-leading CI/CD security platform, trusted by over 4,000 open-source repositories, including those from Google, Microsoft, Amazon, and DataDog. Several enterprise customers also rely on StepSecurity to secure their CI/CD pipelines and infrastructure.

About the Role:

A key part of this role is to reach all relevant security and DevOps engineers and make them aware of StepSecurity and our value prop. Creating in depth tutorials on using the product (which can be fairly technical) and writing blogs about different aspects of CI/CD security will be few of the key things you will be working on. For context, checkout our current blogs here https://www.stepsecurity.io/blogs  

We believe creating content which people care about is fundamentally about telling good stories. Stories of what we stand for as a company, where StepSecurity stands as a product, how users can benefit from it, how we build the product. Everything is a story waiting to be told. 

What Will You Be Doing?

• Collaborate with the founders to build a content strategy supporting both open-source and enterprise StepSecurity customers.
• Create blog articles/tutorials covering product features and usage.
• Develop SEO-optimized content to capture Google traffic.
• Maintain StepSecurity’s technical documentation: https://docs.stepsecurity.io/
• Update READMEs for StepSecurity’s open-source repositories.
• Create video tutorials or documentation addressing common user issues.
• Organize and drive StepSecurity webinars.
• Identify content gaps and produce material to address them.
• Draft conference proposals.
• Work closely with founders to boost engagement with open-source and enterprise customers.

Possible Content Types

• Blog posts
• Technical documentation
• Case studies on how our current users are utilizing StepSecurity
• Tutorials to explain how users can achieve specific use cases

Who Would Be a Good Fit?

• 2+ years working as a Software developer or security engineer and has interest in explaining deep technical concepts in simple language. 
• Hands-on experience using and developing content for Dev tools or enterprise cybersecurity products. 
• Knowledge of CI/CD, security, and DevOps are required. 
• Passion for technical marketing, dev advocacy or product management 
• A flair for writing and growth mindset 

About the Interview

Our process involves a short initial exploratory chat, followed by 2 to 3 interviews/discussions. The aim is for both sides to learn more about each other. The process includes:

• A written assignment where you will be asked to write a tutorial on a technical topic.
• A discussion over a call with the founders.

About the Role

StepSecurity is a pioneering cybersecurity startup focused on securing CI/CD pipelines. Our mission is to help developers safeguard their software supply chains by offering robust security solutions tailored to modern development practices.

In a short span, StepSecurity has garnered significant traction within the developer community, making strides in enhancing the security of CI/CD pipelines globally.

About the Role

This role is integral to amplifying StepSecurity's presence among enterprises and conveying our unique value proposition. The creation and distribution of compelling content across channels frequented by technical and economic buyers are paramount.

We believe that impactful content stems from compelling storytelling. Stories about our company's mission, the evolution of StepSecurity, user benefits, and product development are all narratives waiting to be shared.

The primary responsibility of this role is to extract these stories from our team and present them in an engaging manner to our audience. Ensuring that the content resonates with developers and reaches them through the right channels is crucial.

Why Us?

• Opportunity to work with a leading cybersecurity startup.
• Engage with a passionate community and evangelize a transformative product.
• Supported by prominent VCs and industry leaders.
• Fully remote work environment with no office constraints.

What Will You Be Doing

• Identify content gaps and create targeted content to fill them. Potential content types include website content, blog posts, YouTube videos, email newsletters, social media posts, case studies, and tutorials.
• Discover the best channels to reach developers and generate interest through strategic content creation.
• Develop and implement strategies to drive community engagement and product usage growth.
• Disseminate content across relevant forums and communities.

Who Would Be a Good Fit

• 2+ years of experience in product marketing/growth roles. Ideal experience range: 2-5 years.
• Familiarity with tools and terminologies used by developers.
• A background in software engineering is a significant advantage.
• Strong writing skills and a growth-oriented mindset.
• Ability to explain complex technical concepts in a simple, engaging manner.
• We value entrepreneurial spirit. If you have experience as a startup founder or are between ventures, we encourage you to apply.

Who May Not Be a Good Fit

• Candidates who are fresh out of college.
• Those lacking experience with developer-focused products.
• Professionals with only B2C growth/marketing experience.