Senior Application Security Engineer

About Us Temporal is an open source programming model that can simplify code, make applications more reliable, and help developers focus on the important things like delivering features faster. We are on a mission to be the reliable foundation of every developer’s toolbox, and are building the team that will make that happen. Our values guide us —they are present in how we show up, make decisions, and work together to make an impact. We’re curious, driven, collaborative, genuine and humble. Temporal is growing and we are looking for those who share our values, challenge 'standard' thinking, and want to influence our future. If you have a passion for improving the developer experience, building world-class open-source software and communities, and want to be a part of our amazing team, we'd love to hear from you! Summary Join our dynamic team as a Senior Application Security Engineer , where you'll play a pivotal role in securing the Temporal development pipeline, product, and customer execution environment. In this position, you'll work closely with software engineering teams and customers to build security deeply into our platform across multiple clouds. You'll also help shape how we use AI responsibly in both our product and our engineering processes. We're looking for individuals who are passionate about enabling engineering teams to build and ship securely, serving as trusted security partners across the organization. What You’ll Do Collaborate with product and engineering teams to integrate security principles into the design and architecture of products. Conduct threat modeling and risk assessments to identify vulnerabilities and potential attack vectors across the full product surface. Manage the Secure Development pipeline including code security and 3rd party library supply chain security. Stay current on emerging standards and guidance (e.g. OWASP Top 10 for LLMs, MCP security specifications) and translate these into actionable internal policy. Triage Bug Bounty findings and responsibility disclosed vulnerabilities. Able to participate in on-call rotation. What You’ll Bring Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience). 5+ years in application or product security or a related role. Proven partnership with engineering teams, bringing security expertise to the planning and development process. Knowledge of encryption, authentication, and secure communication protocols. Familiarity with tools like SAST, DAST, and penetration testing frameworks. A deep understanding of application architecture and design principles, ability to effectively identify vulnerabilities across multiple programming languages Excellent communication and ability to explain complex security concepts to non-technical stakeholders. Kubernetes security posture management and auditing, including workload hardening, RBAC design, and admission control. Demonstrated experience with multi-tenant security architecture, including data plane isolation, control plane hardening, and cross-tenant data leakage prevention. Excellent collaboration and communication skills. Expertise in at least one programming language, familiarity with Python and Go. Nice to Have Distributed computing and related vulnerability experience. Running a Security Champions program. Open Source automation or automation projects. Expertise in other areas of security. Security conference talks or published research. Compensation The estimated pay range for this role is $180,000 - $225,000, depending on qualifications and location. This role is eligible to participate in Temporal's equity plan. Compensation ranges reflect salary and commission compensation (when applicable) across several geographic markets. Employment offers carefully consider multiple factors, including prior experience, knowledge, expertise, skillset, market location, and job level assessed during the interview process. Employee ben ... (truncated, view full listing at source)