TemporalSenior Application Security Engineer
Join our team as a Senior Application Security Engineer to secure the Temporal development pipeline and product. Collaborate with engineering teams, conduct threat modeling, manage the secure development pipeline, and advocate for security.
Introduction to the Role
Join our dynamic team as a Senior Application Security Engineer, where you'll play a pivotal role in securing the Temporal development pipeline and product. In this position, you'll directly contribute by working closely with our software engineering teams and customers, empowering you to substantially impact our technology and community. We're looking for individuals who are ready to innovate and build the most supportive and inclusive developer ecosystem in the industry.
What You’ll Do
- Collaborate with product and engineering teams to integrate security principles into the design and architecture of products.
- Conduct threat modeling and risk assessments to identify vulnerabilities and potential attack vectors.
- Manage the Secure Development pipeline including code security and 3rd party library supply chain security.
- Act as a security advocate, fostering a culture of security within the organization.
- Triage Bug Bounty findings and responsibility disclosed vulnerabilities.
- Able to participate in on-call rotation.
What You’ll Bring
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
- 5+ years in application or product security or a related role.
- Proven partnership with engineering teams, bringing security expertise to the planning and development process.
- Knowledge of encryption, authentication, and secure communication protocols.
- Familiarity with tools like SAST, DAST, and penetration testing frameworks.
- A deep understanding of application architecture and design principles, ability to effectively identify vulnerabilities across multiple programming languages
- Excellent communication and ability to explain complex security concepts to non-technical stakeholders.
- Ability to work in a self-directed manner in a fast-paced environment.
- Excellent collaboration and communication skills.
- Familiarity with Python and Go.
Nice to Have
- Distributed computing and related vulnerability experience.
- Running a Security Champions program.
- Kubernetes security posture and auditing.
- Open Source automation or automation projects.
- AI security knowledge.
Compensation
- The estimated pay range for this role is $150,000 - $210,000, depending on qualifications and location.
- This role is eligible to participate in Temporal's equity plan.