Opportunity Overview:
We are seeking a hands-on Application Security Engineer to help embed security into the core architecture of our cloud-native healthcare platform. This role focuses on implementing secure application frameworks, identity systems, and developer security capabilities across modern distributed systems.
As an Application Security Engineer, you will work closely with engineering and platform teams to implement secure patterns for authentication, authorization, API security, and service-to-service communication. You will support architecture reviews, threat modeling, and secure design discussions, and implement practical security controls directly in their applications and services.
This role is deeply integrated into the engineering and platform ecosystem, working on secure API architectures, identity integrations, CI/CD security, and reusable security frameworks that enable teams to build secure services by default.
The ideal candidate combines strong software engineering and cloud architecture experience with deep expertise in modern identity platforms such as Okta, and a passion for helping engineering teams deliver secure systems at scale.
Experience in healthcare or other regulated environments is strongly preferred.
What you'll do:
- Contribute to designing secure architecture patterns for cloud-native applications, APIs, and microservices
- Implement secure patterns for authentication, authorization, and identity propagation across distributed systems
- Design secure approaches for service-to-service communication and API protection
- Support architecture and threat modeling reviews for new services and platform capabilities
- Design and implement secure identity and authentication flows using Okta and AWS Cognito
- Implement OAuth2, OpenID Connect, and token-based authentication patterns
- Apply secure approaches for API gateway authorization and token validation
- Integrate security controls into CI/CD pipelines and DevSecOps workflows
- Work closely with engineering teams on secure service and API design
- Contribute to building reusable security frameworks and developer tooling that enable teams to build secure services by default
Required Qualifications:
- 6 or more years of experience in application security, secure software engineering, or cloud security architecture
- Strong background in designing and securing cloud-native applications, APIs, and microservices architectures
- Deep expertise with modern authentication and identity protocols, including OAuth2, OpenID Connect, and JWT
- Hands-on experience designing and implementing identity architectures using Okta, including SSO, federation, and MFA
- Experience integrating Okta with cloud-native applications and APIs, including token validation and identity propagation
- Experience working with AWS Cognito or similar cloud identity platforms
- Strong understanding of secure API design, including gateway authorization and service-to-service authentication
- Experience embedding security into CI/CD pipelines and DevSecOps workflows
- Ability to review application code and guide secure coding practices across engineering teams
- Experience contributing to security frameworks or reusable libraries that enable engineers to build secure services by default.
Ability to commute/relocate:
- Hyderabad, Telangana: Reliably commute or planning to relocate before starting work (Preferred)
Interview Process*:
- Connect with Talent Acquisition
- Meet with the Hiring Manager
- Interview with Senior Leadership
About Cohere Health:
Cohere Health's clinical intelligence platform and agentic AI-powered solutions connect health plans' strategic goals and providers' needs, optimizing the speed, cost, and quality of care. With an enterprise approach that streamlines payer-provider decision-making across the care continuum–including policy, prior authorization, payment accuracy, and more–the company improves collaboration and reduces burden, resulting in up to 8x ROI and 94% provider satisfaction.
With the acquisition of ZignaAI, we expanded our AI-native platform with a comprehensive Payment Integrity Suite that spans data mining, clinical and coding validation, authorization and claims reconciliation, and end-to-end payment integrity services across pre- and post-pay workflows. By connecting clinical and payment insights, our transparent, AI-powered solutions help health plans proactively improve payment accuracy, reduce waste and vendor dependency, strengthen provider relationships, and build smarter, more efficient payment integrity programs.
Cohere Health's innovations continue to receive industry-wide recognition. We've been recognized on TIME's World Top HealthTech Companies 2025 list, the 2025 Inc. 5000 list, in the Gartner® Hype Cycle™ for U.S. Healthcare Payers (2022-2025), and ranked as a Top 5 LinkedIn™ Startup for 2023 & 2024.
We can't wait to learn more about you and meet you at Cohere Health!
Equal Opportunity Statement:
Cohere Health is an Equal Opportunity Employer. We are committed to fostering an environment of mutual respect where equal employment opportunities are available to all. To us, it's personal.
ISMS roles and responsibilities:
- Good knowledge of Information practices.
- Assist the manager in all the information security activities implementation and maintenance process.
- Ensuring the team and imparted with Competence related to Information security
- Responsible for implementation of security policies and procedures and report any issues to the Information Security Manager.
