Design and operate Temporal Cloud's identity and access platform, focusing on authentication and authorization systems while ensuring security and performance at scale.
About Us
Temporal is an open source programming model that can simplify code, make applications more reliable, and help developers focus on the important things like delivering features faster. We are on a mission to be the reliable foundation of every developer’s toolbox, and are building the team that will make that happen.
Our values guide us —they are present in how we show up, make decisions, and work together to make an impact. We’re curious, driven, collaborative, genuine and humble.
Temporal is growing and we are looking for those who share our values, challenge 'standard' thinking, and want to influence our future. If you have a passion for improving the developer experience, building world-class open-source software and communities, and want to be a part of our amazing team, we'd love to hear from you!
Summary
Temporal is hiring a Staff Software Engineer for Identity to design, build, and operate the identity and access platform behind Temporal Cloud — a multi-tenant SaaS serving high-throughput workloads. You'll own the systems that authenticate humans and workloads, authorize fine-grained access to namespaces and APIs, federate with customer IdPs, and distribute auth material to clients and workers at scale. This role partners closely with Security, Product, and platform teams to deliver "secure by default" capabilities without compromising developer or operator experience.
What You'll Do
- Design and build Temporal Cloud's identity platform end-to-end — authentication (OAuth 2.0/2.1, OIDC, SAML, token exchange), authorization (RBAC/ReBAC/policy engines), and workload identity federation — so customers and workloads authenticate without long-lived secrets
- Scale the auth hot path to meet Temporal Cloud's SLOs: in-memory auth bundles, JWKS caching, decision caching, and revocation strategies that keep latency low and eliminate single points of failure
- Integrate with enterprise IdPs (Okta, Entra ID, Google Workspace, SAML/OIDC), own SCIM 2.0 provisioning, and threat-model identity flows against token replay, confused deputy, scope escalation, and mix-up attacks
- Partner with Security, Product, and platform teams to ship secure-by-default patterns, define IAM lifecycle and audit strategies, and shape the technical roadmap by tracking emerging standards (IETF OAuth WG, OpenID Foundation)
- Mentor engineers, maintain clear architecture docs, and engage directly with customers to understand requirements and unblock adoption
What You'll Bring
- Deep hands-on experience building and operating production identity systems — OAuth 2.0/2.1, OIDC, SAML, JWT/JOSE, JWKS rotation, SCIM, and at least some exposure to workload identity (SPIFFE/SPIRE, WIF, mTLS, or short-lived federated credentials)
- Strong grasp of authorization at scale (RBAC, ABAC, ReBAC/Zanzibar) and familiarity with policy engines like OPA, Cedar, or OpenFGA
- Track record operating latency-sensitive distributed systems in production, including on-call ownership and operational excellence
- Proficiency in Go; experience with Python, Java, or Kotlin is a plus
- Strong communication skills with the ability to align stakeholders across security, product, and engineering and drive execution end-to-end
Nice to Have
- Contributions to identity OSS projects (Keycloak, Ory, Dex, OpenFGA, SPIRE) or standards bodies (IETF OAuth WG, OpenID Foundation)
- Experience with compliance frameworks (FedRAMP, SOC 2, ISO 27001, HIPAA) as they apply to IAM
- Familiarity with Temporal or other durable-execution engines, especially auth implications around workers and task queues
- Experience designing customer-facing API auth (scoped tokens, API keys, rotation UX) and building well-structured APIs
Compensation
- Base Salary Range - $212,000 to $286,000, depending on qualifications and location
- Equity Options - Eligible for stock options as part of Temporal's equity plan
Compensation ranges reflect salary and commission compensation (when applicable) across several geographic markets. Employment offers carefully consider multiple factors, including prior experience, knowledge, expertise, skillset, market location, and job level assessed during the interview process.
Employee benefits and perks below are for full-time employees, part-time or temporary positions are excluded.
U.S. Benefits
- Unlimited PTO, 12 Holidays + 2 Floating Holidays
- 100% Premiums Coverage for Medical, Dental, and Vision
- AD&D, LT & ST Disability, and Life Insurance (Standard & Supplemental Available)
- Empower 401K Plan
- Additional Perks for Learning & Development, Lifestyle Spending, In-Home Office Setup, Professional Memberships, WFH Meals, Internet Stipend and more!
International Benefits
Paid Time Off (PTO) and Benefits outside the United States vary by country, and are issued in partnership with Remote.com. Additionally, Temporal offers perks to all international employees for learning & career development, a lifestyle spending account, in-home office setup (in addition to company-issued hardware), professional memberships, work-from-home meals, and access to the Calm app for mental wellness.
Travel
Temporal is a globally distributed, collaborative team that values opportunities for in-person connection. Occasional travel may be required for company events, team offsites, and other meaningful moments that bring us together.
Additional Perks
- $3,600 / Year Work from Home Meals
- $1,800 / Year Professional Enrichment (Career Development & Professional Memberships)
- $1,200 / Year Lifestyle Spending Account
- $1,000 / Year In-Home Office Setup (In addition to Temporal issued equipment - laptop, monitor, keyboard, mouse, trackpad, and extension power cable at no cost to you)
- $74 / Month Reimbursement for Internet
- Calm App Subscription for Mental Health & Wellness
Temporal Technologies is an Equal Opportunity Employer. Temporal Technologies does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need. We embrace and celebrate differences and diversity.
Temporal is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. If you need to request a reasonable accommodation, please let your Recruiter know so we can assist.
We are not working with external recruitment agencies, thanks.
Temporal Technologies Bellevue, Washington, USA Office
Bellevue, Washington, United States
Similar Jobs
Digital Media • Information Technology • News + Entertainment
Home-based, client-facing account executive responsible for local retail ad sales, new business development and account management. Develops proposals, presents market research, coordinates with internal teams, manages contracts/schedules/collections, maintains CRM records and sales forecasts, and meets annual revenue targets. Requires in-person client meetings, prospecting, and flexible hours.
Top Skills:
Freewheel
Cloud • Information Technology • Security • Software • Cybersecurity
Lead technical engagements with major accounts: deliver product demos, gather requirements, design evaluations and custom configurations, and guide customers through successful proof-of-concept and deployment activities for Zscaler cloud security solutions.
Top Skills:
Cloud-NativeDnsFirewallsRoutingTcp/IpVpnZscaler Zero Trust Exchange
Digital Media • Information Technology • News + Entertainment
Field-based enterprise sales role responsible for territory strategy, prospecting, acquiring and managing mid-market and multi-location customers via direct and partner channels. Deliver face-to-face presentations, exceed sales targets, retain customers through strong service, collaborate with internal teams, maintain sales records, and apply working knowledge of networking and security technologies.
Top Skills:
23)Business ContinuityCustomer Premise Equipment (Cpe)CybersecurityDisaster RecoveryEthernetLanManNetwork SecurityNetworking Protocols (Layers 1SdwanVoipVpnWanWdm
What you need to know about the Seattle Tech Scene
Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.
Key Facts About Seattle Tech
- Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Amazon, Microsoft, Meta, Google
- Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Madrona, Fuse, Tola, Maveron
- Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute
