[Remote] Senior Software Engineer, Cloud Identity

Note: The job is a remote job and is open to candidates in USA. Temporal Technologies is an innovative company focused on improving the developer experience through open-source software. They are hiring a Senior Software Engineer for Cloud Identity to design, build, and operate identity and access systems for their multi-tenant SaaS platform, ensuring secure authentication and authorization processes.

Responsibilities

• Build and improve core parts of Temporal Cloud's identity platform — authentication (OAuth 2.0/OIDC, SAML), authorization (RBAC and policy-based access), and workload identity — so customers and workloads can authenticate securely
• Help keep the auth path fast and reliable to meet Temporal Cloud's SLOs through caching, token handling, and revocation strategies
• Integrate with enterprise identity providers (Okta, Entra ID, Google Workspace) and support user provisioning (SCIM), with attention to common identity threats such as token replay and privilege escalation
• Partner with Security, Product, and platform teams to ship secure-by-default patterns and contribute to IAM lifecycle and audit practices
• Write clear architecture and design docs, and contribute to the team's technical direction

Skills

• Solid hands-on experience building and operating production identity or auth systems — OAuth 2.0/OIDC, SAML, JWT, and token/key rotation
• Good understanding of authorization models (RBAC, ABAC); familiarity with policy engines like OPA, Cedar, or OpenFGA is a plus
• Experience operating distributed systems in production, including some on-call responsibility
• Proficiency in Go; experience with Python, Java, or Rust is a plus
• Strong communication skills and the ability to collaborate across security, product, and engineering teams
• Exposure to workload identity or short-lived / federated credentials (SPIFFE/SPIRE, mTLS, WIF)
• Experience with SCIM provisioning and enterprise SSO integrations
• Contributions to identity OSS projects (Keycloak, Ory, Dex, OpenFGA, SPIRE)
• Familiarity with compliance frameworks (SOC 2, ISO 27001, HIPAA) as they apply to IAM
• Familiarity with Temporal or other durable-execution engines, especially auth implications around workers and task queues
• Experience designing customer-facing API auth (scoped tokens, API keys, rotation)

Benefits

• Equity Options - Eligible for stock options as part of Temporal's equity plan
• Unlimited PTO, 12 Holidays + 2 Floating Holidays
• 100% Premiums Coverage for Medical, Dental, and Vision
• AD&D, LT & ST Disability, and Life Insurance (Standard & Supplemental Available)
• Empower 401K Plan
• Additional Perks for Learning & Development, Lifestyle Spending, In-Home Office Setup, Professional Memberships, WFH Meals, Internet Stipend and more!
• Paid Time Off (PTO) and Benefits outside the United States vary by country, and are issued in partnership with Remote.com.
• Temporal offers perks to all international employees for learning & career development, a lifestyle spending account, in-home office setup (in addition to company-issued hardware), professional memberships, work-from-home meals, and access to the Calm app for mental wellness.
• Occasional travel may be required for company events, team offsites, and other meaningful moments that bring us together.
• $3,600 / Year Work from Home Meals
• $1,800 / Year Professional Enrichment (Career Development & Professional Memberships)
• $1,200 / Year Lifestyle Spending Account
• $1,000 / Year In-Home Office Setup (In addition to Temporal issued equipment - laptop, monitor, keyboard, mouse, trackpad, and extension power cable at no cost to you)
• $74 / Month Reimbursement for Internet
• Calm App Subscription for Mental Health & Wellness

Company Overview

Company H1B Sponsorship