Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Temporal Technologies

Staff Software Engineer, Cloud Identity

Temporal Technologies

Staff Software Engineer designing, building, and operating identity platforms for Temporal Cloud. Focused on authentication, authorization, and integrating with enterprise identity providers.

Posted 5/28/2026full-timeRemote • 🇺🇸 United StatesLead💰 $212,000 - $286,000 per yearWebsite

Tech Stack

Tools & technologies
CloudDistributed SystemsGoJavaKotlinPython

About the role

Key responsibilities & impact
  • Design and build Temporal Cloud's identity platform end-to-end — authentication (OAuth 2.0/2.1, OIDC, SAML, token exchange), authorization (RBAC/ReBAC/policy engines), and workload identity federation — so customers and workloads authenticate without long-lived secrets
  • Scale the auth hot path to meet Temporal Cloud's SLOs: in-memory auth bundles, JWKS caching, decision caching, and revocation strategies that keep latency low and eliminate single points of failure
  • Integrate with enterprise IdPs (Okta, Entra ID, Google Workspace, SAML/OIDC), own SCIM 2.0 provisioning, and threat-model identity flows against token replay, confused deputy, scope escalation, and mix-up attacks
  • Partner with Security, Product, and platform teams to ship secure-by-default patterns, define IAM lifecycle and audit strategies, and shape the technical roadmap by tracking emerging standards (IETF OAuth WG, OpenID Foundation)
  • Mentor engineers, maintain clear architecture docs, and engage directly with customers to understand requirements and unblock adoption

Requirements

What you’ll need
  • Deep hands-on experience building and operating production identity systems — OAuth 2.0/2.1, OIDC, SAML, JWT/JOSE, JWKS rotation, SCIM, and at least some exposure to workload identity (SPIFFE/SPIRE, WIF, mTLS, or short-lived federated credentials)
  • Strong grasp of authorization at scale (RBAC, ABAC, ReBAC/Zanzibar) and familiarity with policy engines like OPA, Cedar, or OpenFGA
  • Track record operating latency-sensitive distributed systems in production, including on-call ownership and operational excellence
  • Proficiency in Go; experience with Python, Java, or Kotlin is a plus
  • Strong communication skills with the ability to align stakeholders across security, product, and engineering and drive execution end-to-end.

Benefits

Comp & perks
  • Unlimited PTO, 12 Holidays + 2 Floating Holidays
  • 100% Premiums Coverage for Medical, Dental, and Vision
  • AD&D, LT & ST Disability, and Life Insurance (Standard & Supplemental Available)
  • Empower 401K Plan
  • Additional Perks for Learning & Development, Lifestyle Spending, In-Home Office Setup, Professional Memberships, WFH Meals, Internet Stipend and more!

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
OAuth 2.0OAuth 2.1OIDCSAMLJWTJOSEJWKSSCIMGoRBAC
Soft Skills
strong communication skillsmentoringstakeholder alignmentproblem-solvingcollaboration