About StepSecurity

StepSecurity prevents, detects, and responds to software supply chain attacks by analyzing behavior across the full software development lifecycle for both developers and AI coding agents. We are building a vertical AI agent for supply chain security across three pillars: securing AI agents on developer machines, OSS package security, and CI/CD security, covering the entire agentic pipeline from dev environment to cloud.

Founded by Varun Sharma (ex-Microsoft, 21 years, led supply chain security for Azure) and Ashish Kurmi (ex-Uber, Microsoft, Plaid, 17 years), we are a 16-person team working on hard problems at the intersection of security, AI, and open source.

Why this role is exciting

• We are at the forefront of supply chain security research and product development. We were the first to detect several major supply chain attacks in 2025 and 2026, including the axios npm compromise and tj-actions. (https://www.stepsecurity.io/newsroom)
• Our research is regularly cited by Bloomberg, TechCrunch, Hacker News, and Dark Reading. The US Cybersecurity and Infrastructure Security Agency (CISA) has published advisories citing StepSecurity. (https://www.cisa.gov/news-events/alerts/2025/09/23/widespread-supply-chain-compromise-impacting-npm-ecosystem)
• Beyond our enterprise customers, StepSecurity has been adopted by more than 15,000 open-source projects, including projects from Microsoft, Google, Amazon, and Datadog.
• This is our second Solutions Engineering hire. You will help define how the function operates and have direct, daily impact on how customers experience StepSecurity.

About the role

As an early Solutions Engineer at a young startup, you will work across the entire stack, from presales to post sales. You will own the technical relationship with customers from the first demo through onboarding and ongoing success, and you will work very closely with the founders and the sales team.

What you'll do

• Run customer demos and clearly communicate the technical value of our platform.
• Answer technical questions and support customers throughout proof-of-concept (POC) evaluations.
• Lead vendor security assessments and respond to customer security and compliance requirements.
• Build onboarding plans and guide customers through onboarding and implementation.
• Troubleshoot customer issues and serve as a trusted technical point of contact.
• Drive customer education and enablement so customers get lasting value from the product.
• Partner closely with the founders and sales team to shape how we sell, onboard, and support customers.

What we're looking for

• 2–5 years of experience in a solutions engineering, sales engineering, technical account management, or similar customer-facing technical role.
• Strong technical foundation, with the ability to run demos, support POCs, and troubleshoot real customer problems.
• Familiarity with CI/CD, DevOps, cloud platforms (AWS, Azure, or GCP), or application/software security.
• Comfort leading vendor security assessments and engaging with customer security teams.
• Excellent communication skills, with the ability to explain technical concepts to both engineers and decision-makers.
• Prior early-stage startup experience and comfort in a hands-on, zero-to-one environment.
• An AI-native mindset.
• A security background is a plus but not required.