Senior Software Engineer, Cloud Identity
Build and operate Temporal Cloud's identity platform including OAuth 2.0/OIDC, SAML auth, RBAC authorization, and workload identity integrations with enterprise IdPs. Requires 5+ years building production auth systems and strong Go proficiency.
What You'll Do
- Build and improve core parts of Temporal Cloud's identity platform — authentication (OAuth 2.0/OIDC, SAML), authorization (RBAC and policy-based access), and workload identity
- Keep the auth path fast and reliable to meet Temporal Cloud's SLOs through caching, token handling, and revocation strategies
- Integrate with enterprise identity providers (Okta, Entra ID, Google Workspace) and support user provisioning (SCIM), with attention to common identity threats such as token replay and privilege escalation
- Partner with Security, Product, and platform teams to ship secure-by-default patterns and contribute to IAM lifecycle and audit practices
- Write clear architecture and design docs, and contribute to the team's technical direction
What You'll Bring
- Solid hands-on experience building and operating production identity or auth systems — OAuth 2.0/OIDC, SAML, JWT, and token/key rotation
- Good understanding of authorization models (RBAC, ABAC); familiarity with policy engines like OPA, Cedar, or OpenFGA is a plus
- Experience operating distributed systems in production, including some on-call responsibility
- Proficiency in Go; experience with Python, Java, or Rust is a plus
- Strong communication skills and the ability to collaborate across security, product, and engineering teams
Nice to Have
- Exposure to workload identity or short-lived / federated credentials (SPIFFE/SPIRE, mTLS, WIF)
- Experience with SCIM provisioning and enterprise SSO integrations
- Contributions to identity OSS projects (Keycloak, Ory, Dex, OpenFGA, SPIRE)
- Familiarity with compliance frameworks (SOC 2, ISO 27001, HIPAA) as they apply to IAM
- Familiarity with Temporal or other durable-execution engines, especially auth implications around workers and task queues
- Experience designing customer-facing API auth (scoped tokens, API keys, rotation)
Compensation
- Base Salary Range: $212,000 to $237,000
- Equity Options: Eligible for stock options as part of Temporal's equity plan
Benefits
- Unlimited PTO, 12 Holidays + 2 Floating Holidays
- 100% Premiums Coverage for Medical, Dental, and Vision
- AD&D, LT & ST Disability, and Life Insurance
- Empower 401K Plan
- $3,600 / Year Work from Home Meals
- $1,800 / Year Professional Enrichment
- $1,200 / Year Lifestyle Spending Account
- $1,000 / Year In-Home Office Setup
- $74 / Month Reimbursement for Internet
- Calm App Subscription for Mental Health & Wellness
Senior Security Engineer
Senior Security Engineer building proactive, automated security systems including SOAR/SIEM workflows, AI agents, vulnerability management, and cloud hardening for a fast-growing sports prediction market platform.
Senior Security Engineer, Cloud, AI, Product Security
Senior Security Engineer responsible for identifying infrastructure and product risks, defining remediation roadmaps, and building scalable secure engineering systems. Requires 5+ years in security engineering and strong IaC and code review experience.
Senior Software Engineer
Senior Software Engineer on the Core Cryptography team building and operating Tier-0 cryptographic infrastructure including MPC systems that secure 99% of customer assets. Requires 5+ years building highly available distributed systems and experience with applied cryptography, KMS/HSMs, and systems languages (Golang-heavy).
Security Engineer - Product
Lead product security for a fintech credit card infrastructure platform. Own API security, auth strategy, fraud primitives, secure SDLC, and compliance for partner-facing services. Hands-on engineering role reporting to Head of Engineering.