Our Story

When the SolarWinds and Codecov breaches unfolded, we were driving CI/CD security initiatives at our previous employers. The glaring lack of security in CI/CD pipelines that these incidents highlighted compelled us to start StepSecurity. We looked around, spoke with peers, and realized there was no solution to prevent such CI/CD attacks.

So, a couple of years back, we started building our product in the open and offered it for free to help secure CI/CD pipelines for open-source developers. Little did we know that it would be the beginning of something special.

The Founders

StepSecurity is driven by a team of seasoned security professionals who have built hyper-scale security functions at Microsoft, Uber, and Plaid. We are on a mission to build the best CI/CD security platform.

Varun Sharma

CEO & Co-Founder

View LinkedIn

Ashish Kurmi​

CTO & Co-Founder

View LinkedIn

Careers

We're hiring

If you want real ownership and direct impact on how thousands of organizations secure their software supply chain, come build it with us.

Account Executive

United States (Remote)

Own new business across our SMB and mid-market segments. Source, qualify, and close full-cycle deals with security and engineering leaders, partnering with SDR and Solutions Engineering to build pipeline.

Apply on LinkedIn →

Solutions Engineer

United States (Remote)

Own the technical relationship with customers from first demo through onboarding and success. Run demos, support POCs, lead security assessments, and work closely with the founders and sales team.

Apply on LinkedIn →

Founding Customer Success Engineer

United States (Remote)

Own technical onboarding and troubleshooting for our enterprise customers end to end. A deeply technical, hands-on role focused purely on adoption — no renewals or commercial conversations.

Apply on LinkedIn →

Founding Customer Success Engineer

India (Remote)

Own technical onboarding and troubleshooting for our enterprise customers end to end. A deeply technical, hands-on role focused purely on adoption — no renewals or commercial conversations.

Apply on LinkedIn →

Software Engineer

United States (Remote)

Design and build backend services in Golang that power our supply chain security platform. Own scalable, fault-tolerant systems end to end in a fast-moving, zero-to-one environment.

Apply on LinkedIn →

Software Engineer

India (Remote)

Design and build backend services in Golang that power our supply chain security platform. Own scalable, fault-tolerant systems end to end in a fast-moving, zero-to-one environment.

Apply on LinkedIn →

Backed by leading VCs

Meet Our Angels

Anmol Malhotra

Head of Product Security, Coinbase

Ash Devata

CEO, GreyNoise

Ashish Popli

CISO, Spotnana

David Cross

Venture Partner, Rain Capital

Deepen Desai

CSO, Zscaler

Kamal Shah

CEO, Prophet Security

Lucas Moody

SVP & CISO, Alteryx

Prabhdeep Singh

CEO, Neonomic

Rinki Sethi

VP & CISO, Bill.com

Sekhar Sarukkai

Co-Founder, Skyhigh Networks

Travis McPeak

CEO, Resourcely

Our Values

Customer Obsession

We put the customer at the heart of everything we do, building our strategies around their needs. While acknowledging competitors, our focus is on earning and maintaining customer trust through consistent service.

Ownership

We value agility in our decisions, understanding that quick, well-considered actions drive progress. We embrace calculated risks and acknowledge that many decisions can be reversed, allowing us to maintain momentum.

Trust

We foster a culture of reliance, where trust in colleagues is foundational. We believe in collaboration, recognizing that teamwork strengthens our ability to succeed together.

Remediate

We think ahead and consider company's long-term goals, not just immediate wins. We take initiative beyond our immediate team, recognizing that each decision impacts the entire organization.