Staff Application Security Engineer

 

Temporal is an open source programming model that can simplify code, make applications more reliable, and help developers focus on the important things like delivering features faster. Our amazing user community provides us with real-time feedback and contributions to improve the developer experience everywhere.

 

Backed by top VC firms, we have built a team of professionals from various successful start-ups and well-known technology companies. Together, we collaborate cross-functionally, engage with and support our users to improve the developer experience, deliver world-class open-source software, and enhance our commercial SaaS platform.

 

Temporal is growing and working towards building the best community. We are looking for those who share our values, challenge 'standard' thinking, and want to influence our future. If you have a passion for helping developer communities, open-source software, and want to be a part of our amazing team, we'd love to hear from you!

Introduction to the Role

Join our dynamic team as a Staff Application Security Engineer, where you'll play a pivotal role in securing the Temporal development pipeline and product. In this position, you'll directly contribute by working closely with our software engineering teams and customers, empowering you to substantially impact our technology and community. We're looking for individuals who are ready to innovate and build the most supportive and inclusive developer ecosystem in the industry.

What You’ll Do

• Collaborate with product and engineering teams to integrate security principles into the design and architecture of products, including the development pipeline.
• Lead complex threat modeling and risk assessments to identify vulnerabilities and potential attack vectors.
• Drive strategy, influence architecture, and set direction for security across multiple teams or org-wide.
• Act as a security advocate, fostering a culture of security within the organization.
• Triage Bug Bounty findings and responsibility disclosed vulnerabilities.
• Able to participate in on-call rotation.
• Mentor other engineers in areas of application security, including brown bag sessions.

What You’ll Bring

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
• 7+ years in application or product security or a related role.
• Proven partnership with engineering teams, bringing security expertise to the planning and development process.
• Knowledge of encryption, authentication, and secure communication protocols.
• Familiarity with multiple tools in the areas of SAST, DAST, and penetration testing frameworks.
• A deep understanding of application architecture and design principles, ability to effectively identify vulnerabilities across multiple programming languages
• An understanding of AI-related threats, including MCP servers.
• Demonstrated success defining actionable roadmaps from loosely scoped or ambiguous problem domains.
• Excellent collaboration and communication skills.
• Excellent communication and ability to explain complex security concepts to non-technical stakeholders.
• History of some software development more complex than scripting.
• Familiarity with Python and Go.

Nice to Have

• Distributed computing and related vulnerability experience.
• Running a Security Champions program.
• Kubernetes security posture and auditing.
• Open Source automation or automation projects.
• Professional Software Engineering experience.

 

 

• $3,600 / Year Work from Home Meals 
• $1,500 / Year Career Development & Learning
• $1,200 / Year Lifestyle Spending Account
• $1,000 / Year In-Home Office Setup (In addition to Temporal issued equipment - laptop, monitor, keyboard, mouse, trackpad, and extension power cable at no cost to you)
• $500 / Year Professional Memberships
• $74 / Month Reimbursement for Internet
• Calm App Subscription for Mental Health & Wellness