# Staff Cloud Security Engineer

Remote from[USA](https://jobicy.com/job-region/usa.md)Salary, yearly, USD 225,000                             - 275,000Department  [Software Engineering](https://jobicy.com/categories/engineering.md) Employment type Full Time, Job posted3 Jul 2026Apply before3 Aug 2026Experience level  Senior
Views / Applies 806 / 55 [About company](https://jobicy.com/company/temporal-technologies.md)

* Share About [Temporal Technologies](https://jobicy.com/company/temporal-technologies.md)

Changing how modern software is built by guaranteeing the execution of complex, long-running workflows, even in the presence of system failures.

[Computer Software](https://jobicy.com/company-category/software.md)
*  2019

Verified job posting This job post has been [manually reviewed](https://jobicy.com/tools/help-center/employee/how-does-jobicy-verify-the-legitimacy-of-remote-job-listings.md) for authenticity and compliance.

###  AI Summary

Temporal is seeking a Staff Cloud Security Engineer to secure its cloud environment across AWS, GCP, and Azure. The role involves integrating security into infrastructure design, conducting threat modeling, and managing cloud security posture. Candidates need 5+ years of experience, expertise in Kubernetes security, multi-tenant architecture, and proficiency in Go. The position offers the opportunity to shape AI usage in security processes and work with a dynamic team on a mission to improve developer experience.

### Role DNA

Job Complexity Easy Hard Pace & Pressure Relaxed Fast-paced Autonomy Level Guided Full Ownership Communication Load Independent Highly Collaborative

AI Insight The role requires deep expertise in cloud security, multi-cloud environments, and collaboration with engineering teams, making it challenging but not entry-level.

### Salary Analysis

Median  Highly Competitive  USD250,000US Market USD150k – 300k 0 USD330k      AI Insight The offered salary range of $225,000-$275,000 is competitive for a Staff Cloud Security Engineer role, aligning with the upper end of the US market median.

### Core Skills Required

[Cloud Security](https://jobicy.com/jobs?search_keywords=Cloud+Security.md) [Kubernetes](https://jobicy.com/jobs?search_keywords=Kubernetes.md) [AWS](https://jobicy.com/jobs?search_keywords=AWS.md) [GCP](https://jobicy.com/jobs?search_keywords=GCP.md) [Azure](https://jobicy.com/jobs?search_keywords=Azure.md) [Go](https://jobicy.com/jobs?search_keywords=Go.md) [gRPC](https://jobicy.com/jobs?search_keywords=gRPC.md) [mTLS](https://jobicy.com/jobs?search_keywords=mTLS.md) [Threat Modeling](https://jobicy.com/jobs?search_keywords=Threat+Modeling.md) [Service Mesh](https://jobicy.com/jobs?search_keywords=Service+Mesh.md)

### Cover Letter Sample

I am writing to express my strong interest in the Staff Cloud Security Engineer position at Temporal. With over 5 years of experience in cloud security and a deep expertise in multi-cloud environments, Kubernetes security, and threat modeling, I am excited about the opportunity to contribute to securing Temporal's innovative platform.

My background includes designing secure architectures for AWS, GCP, and Azure, implementing mTLS and service mesh configurations, and managing cloud security posture with tools like Wiz. I have a proven track record of collaborating with engineering teams to integrate security into the development lifecycle, ensuring robust protection for complex distributed systems.

I am particularly drawn to Temporal's mission to simplify code and make applications more reliable. The chance to work on securing a durable, stateful workflow engine and to shape responsible AI use in security processes aligns perfectly with my professional goals.

I am eager to bring my technical skills and collaborative mindset to the Temporal team. Thank you for considering my application; I look forward to the possibility of discussing how I can contribute to your mission.

Copy

### Sample Interview Questions

How would you approach securing a multi-tenant Kubernetes cluster in a cloud environment?I would implement RBAC with least privilege, use network policies for isolation, enable audit logging, and leverage admission controllers like OPA/Gatekeeper. Additionally, I'd use tools like Wiz for continuous misconfiguration detection and ensure secrets are managed via HashiCorp Vault or cloud-native solutions.Describe your experience with threat modeling for distributed systems. Can you give an example?I have used STRIDE and PASTA methodologies to model threats for a workflow engine. For instance, I identified attack surfaces in task queue integrity and client-server trust boundaries, leading to implementation of mTLS and payload encryption to protect sensitive data.How do you stay current with emerging cloud security standards and apply them?I follow CSA Cloud Controls Matrix and CIS Benchmarks, attend security conferences, and participate in industry groups. I translate these into internal policies by conducting gap analyses and updating security configurations, such as enforcing encryption at rest and in transit.Can you explain how you would secure gRPC communication in a microservices architecture?I would enforce mTLS for mutual authentication, use service mesh (e.g., Istio) for traffic encryption and authorization, implement rate limiting, and validate requests with API authentication. Additionally, I'd use short-lived certificates and rotate them regularly.What is your approach to integrating security into the development lifecycle?I advocate for shifting left by embedding security in design reviews, conducting threat modeling early, and providing security training. I also integrate SAST/DAST tools into CI/CD pipelines and establish clear security requirements for each sprint.

## About Us

Temporal is an open source programming model that can simplify code, make applications more reliable, and help developers focus on the important things like delivering features faster. We are on a mission to be the reliable foundation of every developer’s toolbox, and are building the team that will make that happen. Our values guide us —they are present in how we show up, make decisions, and work together to make an impact. We’re curious, driven, collaborative, genuine and humble. Temporal is growing and we are looking for those who share our values, challenge ‘standard’ thinking, and want to influence our future. If you have a passion for improving the developer experience, building world-class open-source software and communities, and want to be a part of our amazing team, we’d love to hear from you!

## Summary

Join our dynamic team as a Staff Cloud Security Engineer, where you’ll play a pivotal role in securing the Temporal cloud environment for our customers. In this position, you’ll work closely with our infrastructure teams, software engineering teams, and customers to build security deeply into our platform across multiple clouds. You’ll also help shape how we use AI responsibly in both our infrastructure and our engineering processes. We’re looking for individuals who are passionate about enabling engineering teams to build and ship securely, serving as trusted security partners across the organization.

## What You’ll Do

* Collaborate with product and engineering teams to integrate security principles into the design and architecture of cloud infrastructure across multiple clouds (AWS, GCP, Azure, and others).
* Secure Temporal’s core platform components, including the workflow engine, task queue architecture, and worker execution model – identifying attack surfaces unique to durable, stateful distributed systems.
* Conduct threat modeling and risk assessments to identify vulnerabilities and potential attack vectors across our multi-cloud environment, with particular focus on workflow execution, task queue integrity, and client-server trust boundaries.
* Secure Temporal’s gRPC-based communication layer, including mTLS certificate management, service mesh configuration, and API authentication.
* Manage cloud security posture using tools such as Wiz, including misconfiguration detection, compliance monitoring, and remediation across all three cloud providers.
* Stay current on emerging cloud security standards and guidance (e.g. CSA Cloud Controls Matrix, CIS Benchmarks) and translate these into actionable internal policy.
* Able to participate in on-call rotation.

## What You’ll Bring

* Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
* 5+ years in cloud security or a related role.
* Proven partnership with engineering teams, bringing security expertise to infrastructure access and security posture.
* Kubernetes security posture management and auditing, including workload hardening, RBAC design, and admission control.
* Demonstrated experience with multi-tenant security architecture, including data plane isolation, control plane hardening, and cross-tenant data leakage prevention.
* Strong opinions on the use of AI in different areas (assessments, threat models, penetration testing, etc).
* A deep understanding of application architecture and design principles, ability to effectively identify vulnerabilities across multiple programming languages
* Experience with secrets management at scale (e.g. HashiCorp Vault, AWS Secrets Manager) and payload encryption patterns such as codec servers for protecting sensitive workflow data.
* Proficiency in Go; familiarity with Python. Go is Temporal’s primary server and SDK language.
* Strong command of gRPC security, mTLS, and service mesh architectures (Istio, Envoy).
* Excellent communication and ability to explain complex security concepts to non-technical stakeholders.
* Excellent collaboration and communication skills.

## Nice to Have

* Prior experience with Temporal, Cadence, or similar workflow orchestration platforms and an understanding of workflow history, replay semantics, and scheduling internals.
* FedRAMP, SOC 2 Type II, or ISO 27001 experience, particularly in the context of cloud-native SaaS.
* Open Source automation or automation projects.
* Expertise in other areas of security (AppSec, CorpSec, GRC)
* Security conference talks or published research.

Compensation
* The estimated pay range for this role is $225,000 – $275,000, depending on qualifications and location.
* This role is eligible to participate in Temporal’s equity plan.

Compensation ranges reflect salary and commission compensation (when applicable) across several geographic markets. Employment offers carefully consider multiple factors, including prior experience, knowledge, expertise, skillset, market location, and job level assessed during the interview process. Employee benefits and perks below are for full-time employees, part-time or temporary positions are excluded.  U.S. Benefits
* Unlimited PTO, 12 Holidays + 2 Floating Holidays
* 100% Premiums Coverage for Medical, Dental, and Vision
* AD&D, LT & ST Disability, and Life Insurance (Standard & Supplemental Available)
* Empower 401K Plan
* Additional Perks for Learning & Development, Lifestyle Spending, In-Home Office Setup, Professional Memberships, WFH Meals, Internet Stipend and more!

International Benefits

Paid Time Off (PTO) and Benefits outside the United States vary by country, and are issued in partnership with [Remote.com](http://remote.com/). Additionally, Temporal offers perks to all international employees for learning & career development, a lifestyle spending account, in-home office setup (in addition to company-issued hardware), professional memberships, work-from-home meals, and access to the Calm app for mental wellness.

Travel

Temporal is a globally distributed, collaborative team that values opportunities for in-person connection. Occasional travel may be required for company events, team offsites, and other meaningful moments that bring us together.

Additional Perks
* $3,600 / Year Work from Home Meals
* $1,800 / Year Professional Enrichment (Career Development & Professional Memberships)
* $1,200 / Year Lifestyle Spending Account
* $1,000 / Year In-Home Office Setup (In addition to Temporal issued equipment – laptop, monitor, keyboard, mouse, trackpad, and extension power cable at no cost to you)
* $74 / Month Reimbursement for Internet
* Calm App Subscription for Mental Health & Wellness

Temporal Technologies is an Equal Opportunity Employer. Temporal Technologies does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need. We embrace and celebrate differences and diversity. Temporal is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. If you need to request a reasonable accommodation, please let your Recruiter know so we can assist. We are not working with external recruitment agencies, thanks. Show more

[Apply now >](https://jobicy.com/jobs/145309-staff-cloud-security-engineer.md)

*

![Upload CV](data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI2NSIgaGVpZ2h0PSI2NSIgZmlsbD0ibm9uZSIgeG1sbnM6dj0iaHR0cHM6Ly92ZWN0YS5pby9uYW5vIj48ZyBjbGlwLXBhdGg9InVybCgjQSkiPjxwYXRoIGQ9Ik0wIDBINjVWNjVIMFYwWiIgZmlsbD0iIzAyOWFlYiIvPjxnIGZpbGw9IiNmZmYiIHN0cm9rZT0iI2ZmZiIgc3Ryb2tlLXdpZHRoPSIyIj48cGF0aCBkPSJNMzMuMDQ5IDE1LjQ1NGExLjQzIDEuNDMgMCAwIDAtMi4wOTcgMGwtNy41NzkgOC4xNDdhMS4zOCAxLjM4IDAgMCAwIC4wOSAxLjk3MyAxLjQ0IDEuNDQgMCAwIDAgMi4wMDgtLjA4OGw1LjEwOS01LjQ5MnYyMC42MWExLjQxIDEuNDEgMCAwIDAgMS40MjEgMS4zOTdjLjc4NSAwIDEuNDIxLS42MjUgMS40MjEtMS4zOTd2LTIwLjYxbDUuMTA5IDUuNDkyYTEuNDQgMS40NCAwIDAgMCAyLjAwOC4wODggMS4zOCAxLjM4IDAgMCAwIC4wOS0xLjk3M2wtNy41NzktOC4xNDZ6TTE2Ljc2OSAzOC40YzAtLjc3My0uNjItMS40LTEuMzg1LTEuNFMxNCAzNy42MjcgMTQgMzguNHYuMTAybC4yMTUgNi4yMjljLjIyMyAxLjY4LjcwMSAzLjA5NSAxLjgxMyA0LjIxOHMyLjUxIDEuNjA3IDQuMTcyIDEuODMzYzEuNi4yMTggMy42MzYuMjE4IDYuMTYuMjE4aDExLjI4bDYuMTYtLjIxOGMxLjY2Mi0uMjI2IDMuMDYxLS43MDkgNC4xNzItMS44MzNzMS41ODktMi41MzggMS44MTMtNC4yMThDNTAgNDMuMTEzIDUwIDQxLjA1NSA1MCAzOC41MDNWMzguNGMwLS43NzMtLjYyLTEuNC0xLjM4NS0xLjRzLTEuMzg1LjYyNy0xLjM4NSAxLjRsLS4xOSA1Ljk1OGMtLjE4MiAxLjM3LS41MTUgMi4wOTUtMS4wMjYgMi42MTJzLTEuMjI4Ljg1My0yLjU4MyAxLjAzOGMtMS4zOTUuMTktMy4yNDMuMTkzLTUuODkzLjE5M0gyNi40NjJjLTIuNjUgMC00LjQ5OC0uMDAzLTUuODkzLS4xOTMtMS4zNTUtLjE4NC0yLjA3Mi0uNTIxLTIuNTgzLTEuMDM4cy0uODQ0LTEuMjQyLTEuMDI2LTIuNjEyYy0uMTg3LTEuNDEtLjE5MS0zLjI3OS0uMTkxLTUuOTU4eiIvPjwvZz48L2c+PGRlZnM+PGNsaXBQYXRoIGlkPSJBIj48cGF0aCBmaWxsPSIjZmZmIiBkPSJNMCAwaDY1djY1SDB6Ii8+PC9jbGlwUGF0aD48L2RlZnM+PC9zdmc+)

### Upload your resume now

To unlock remote work opportunities and be discovered by global employers.

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

## How to apply

## See a few more

Similar Software Engineering remote jobs

*
![Voyage Privé logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/07/2b1f24db-221.png)

Voyage Privé

### [Staff Software Engineer – Full Remote or Hybrid (m/f/d)](https://jobicy.com/jobs/145788-staff-software-engineer-full-remote-or-hybrid-m-f-d.md)

Company Description✨ About Voyage PrivéBorn in France in 2006, Voyage Privé has grown from an ambitious startup into becoming Europe’s leading travel tech platform. Operating across 9 markets with tens…

![France flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/fr.svg)
FR•Full TimeNEW*
![infisical logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/44e19225-221.png)

infisical

### [Senior Full Stack Engineer](https://jobicy.com/jobs/145861-senior-full-stack-engineer-5.md)

Infisical is looking to hire exceptional talent to join our teams in building the open source security infrastructure stack for the AI era.We’re building a generational company with a world-class…

![UK flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/gb.svg)

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
GB, US +3 more, CA, FR, BR•Full TimeUSD 180k-250k/year*
![Zscaler logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/08/b3234031-221.png)

Zscaler

### [Partner Solution Architect – GSI](https://jobicy.com/jobs/145918-partner-solution-architect-gsi.md)

About Zscaler Zscaler accelerates digital transformation to ensure our customers can be more agile, efficient, resilient, and secure. As an AI-forward enterprise, we are constantly pushing the envelope, leveraging the…

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
US•Full TimeUSD 170,625-243,750/year*
![Sigma Computing logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/5a8fdb55-221.jpg)

Sigma Computing

### [Solution Engineer](https://jobicy.com/jobs/145920-solution-engineer.md)

Sigma’s vision is to create an insight-driven world where people, organizations, and, ultimately, humanity are transformed for the better by data. At Sigma, we are building a cloud-native business intelligence…

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
US•Full TimeNEW*
![Samsara logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/dd26f5ca-221.jpg)

Samsara

### [Enterprise Core Sales Engineer](https://jobicy.com/jobs/145932-enterprise-core-sales-engineer.md)

Who we are Samsara (NYSE: IOT) is the pioneer of the Connected Operations™ Cloud, which is a platform that enables organizations that depend on physical operations to harness Internet of…

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
US•Full TimeUSD 121,975-184,500/year*
![Samsara logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/dd26f5ca-221.jpg)

Samsara

### [Senior Staff Software Engineer – STCE](https://jobicy.com/jobs/145939-senior-staff-software-engineer-stce.md)

Who we are Samsara (NYSE: IOT) is the pioneer of the Connected Operations™ Cloud, which is a platform that enables organizations that depend on physical operations to harness Internet of…

![Canada flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/ca.svg)
CA•Full TimeCAD 154,800-255,420/year*
![NTT DATA logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/09/e2252da5-221.png)

NTT DATA

### [GenAI Engineer](https://jobicy.com/jobs/145940-genai-engineer.md)

Job Title: GenAI EngineerLocation Preference: 100% remote in Mexico, Brasil, Peru, Chile working EST Time Zone OR onsite in Washington, D.C.Duration: 1-Year Assignment with possibility of extensionNTT DATA is a…

![LATAM flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/latam.svg)
LATAM•Full TimeNEW*
![Canonical Ltd. logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/b4d068a9-221-1.png)

Canonical Ltd.

### [Ubuntu Linux Kernel Test Engineer](https://jobicy.com/jobs/145995-ubuntu-linux-kernel-test-engineer.md)

Ubuntu is the most widely used Linux distribution in the world, delivering kernels across a vast matrix of versions, architectures, and configurations – with up to 15 years of security…

![APAC flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/apac.svg)

![China flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/cn.svg)
APAC, CN•Full TimeNEW*
![Testlio logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/11024036-221.png)

Testlio

### [Freelance Software tester (Magenta TV, Poland)](https://jobicy.com/jobs/146019-freelance-software-tester-magenta-tv-poland.md)

Hi there! We are Testlio, a global software testing company with its own freelance network. Our freelancers test apps from companies across the globe. Testlio is a great place for…

![EMEA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/emea.svg)
EMEA•Full TimeUSD 30k-30k/year*
![Playson logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/6f266d9c-221-1.png)

Playson

### [Senior Software Engineer (Game Engine)](https://jobicy.com/jobs/146058-senior-software-engineer-game-engine.md)

About the RoleWe’re looking for a Senior Software Engineer to join a newly forming team that will own one of the most specialised and business-critical domains in our technology landscape…

![Europe flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/eu.svg)
EU•Full TimeNEW
[More Jobs](https://jobicy.com/jobs.md)