Golang Backend Engineer

About StepSecurity StepSecurity, a US-based cybersecurity startup prevents, detects, and responds to software supply chain attacks by analyzing behavior across the full software development lifecycle for both developers and AI coding agents. We are building a vertical AI agent for supply chain security across three pillars: securing AI agents on developer machines, OSS package security, and CI/CD security, covering the entire agentic pipeline from dev environment to cloud. We are a 16-person team, founded by Varun Sharma (ex-Microsoft, 21 years, led supply chain security for Azure) and Ashish Kurmi (ex-Uber, Microsoft, Plaid, 17 years). About the Job We are seeking backend engineers to build and maintain our CI/CD security platform's backend systems and components (GitHub Actions). This high-impact role involves setting best practices and owning engineering processes, with contributions used by thousands of developers globally. Our primary languages are Golang and Node.js. Requirements - 2–5 years of experience, strong engineering fundamentals (cyber security background not mandatory), AI-native mindset, comfortable with a hands-on zero-to-one environment. We use Golang as our primary language. - Must-haves: Golang backend programming; AWS/Azure/GCP background; scalable/fault-tolerant system design. - For all engineering positions, prior early-stage startup experience is a must-have requirement. - Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field. - Solid understanding of software development principles, design patterns, and best practices.Expertise in building scalable and fault-tolerant systems. - Strong collaborative and problem-solving skills. - Self-motivated, creative thinker with a drive for continuous improvement. - Experience in a startup or high-impact, outcome-driven environment. Location India remote. Candidates should be able to overlap a few hours with Pacific Time (PT) when working on urgent customer issues as required. Responsibilities - Design, develop, and maintain robust, scalable software solutions. - Architect and implement CI/CD components (GitHub Actions). - Deliver features incrementally in quick iterations. - Write clean, efficient, and maintainable code following industry best practices. - Conduct code reviews and provide constructive feedback. - Troubleshoot and debug complex software issues promptly. Why Join Us - StepSecurity is at the forefront of supply chain security research and product development. We were the first to detect several major supply chain attacks in 2025 and 2026 such as the axios npm compromise, tj-actions, etc (https://www.stepsecurity.io/newsroom) - Our research and findings are regularly cited by major publications such as Bloomberg, TechCrunch, Hacker News, and Dark Reading. The Cybersecurity and Infrastructure Security Agency (CISA), the primary cybersecurity agency for the US federal government, has published several cybersecurity advisories citing StepSecurity (e.g., https://www.cisa.gov/news-events/alerts/2025/09/23/widespread-supply-chain-compromise-impacting-npm-ecosystem) - In addition to having several enterprise customers, StepSecurity has been adopted by more than 15,000 open-source projects, including projects from Microsoft, Google, Amazon, Datadog, and others. - Engineers joining now get to work on hard, high-impact problems at the intersection of security, AI, and open source, with meaningful equity upside at an early stage. Skills:- Go Programming (Golang), Amazon Web Services (AWS) and CI/CD