Temporal
SaaS
SeniorSoftwareEngineer,CloudIdentity
Neural analysis suggests this role is
optimal for Senior candidates.
“Senior Software Engineer, Cloud Identity at Temporal. Skills: Cloud Identity, Authentication, Authorization, SaaS Platform. Build identity platform. Improve identity platform”
Industry & Context.
On-call responsibility
What They're Looking For.
Must Have
Hands-on experience building production identity systems, Experience operating distributed systems, On-call responsibility
Nice to Have
Familiarity with policy engines, Proficiency in Python, Proficiency in Java, Proficiency in Rust, Exposure to workload identity, Experience with SCIM provisioning, Experience with enterprise SSO integrations, Contributions to identity OSS projects, Familiarity with compliance frameworks, Familiarity with Temporal, Experience designing customer-facing API auth
What You'll Do.
Build identity platform
Improve identity platform
Authenticate workloads
Integrate identity providers
Support user provisioning
Ship secure-by-default patterns
Contribute to IAM lifecycle
Contribute to audit practices
Write architecture docs
Contribute to technical direction
How You'll Work.
Team & Collaboration
Partner with Security; Partner with Product; Partner with infrastructure teams; Collaborate across teams
Full Job Description
SUMMARY Temporal is hiring a Senior Software Engineer for Identity to help design, build, and operate the identity and access systems behind Temporal Cloud — a multi-tenant SaaS platform. You'll work on the systems that authenticate users and workloads, authorize access to namespaces and APIs, and integrate with customer identity providers. You'll partner with Security, Product, and infrastructure teams to deliver "secure by default" capabilities while keeping the developer and operator experience strong. WHAT YOU'LL DO - Build and improve core parts of Temporal Cloud's identity platform — authentication (OAuth 2.0/OIDC, SAML), authorization (RBAC and policy-based access), and workload identity — so customers and workloads can authenticate securely - Help keep the auth path fast and reliable to meet Temporal Cloud's SLOs through caching, token handling, and revocation strategies - Integrate with enterprise identity providers (Okta, Entra ID, Google Workspace) and support user provisioning (SCIM), with attention to common identity threats such as token replay and privilege escalation - Partner with Security, Product, and platform teams to ship secure-by-default patterns and contribute to IAM lifecycle and audit practices - Write clear architecture and design docs, and contribute to the team's technical direction WHAT YOU'LL BRING - Solid hands-on experience building and operating production identity or auth systems — OAuth 2.0/OIDC, SAML, JWT, and token/key rotation - Good understanding of authorization models (RBAC, ABAC); familiarity with policy engines like OPA, Cedar, or OpenFGA is a plus - Experience operating distributed systems in production, including some on-call responsibility - Proficiency in Go; experience with Python, Java, or Rust is a plus - Strong communication skills and the ability to collaborate across security, product, and engineering teams NICE TO HAVE - Exposure to workload identity or short-lived / federated credentials (SPIFFE/SPIRE, mTLS, WI
Applying for this Senior Software Engineer, Cloud Identity role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.
ANONYMOUS · UNFILTERED
What do employees actually say about Temporal?
Real rants from real employees. Read before you apply.