Sr. Application Security

Opportunity Overview:

We are seeking a hands-on Application Security Engineer to help embed security into the core architecture of our cloud-native healthcare platform. This role focuses on implementing secure application frameworks, identity systems, and developer security capabilities across modern distributed systems.

As an Application Security Engineer, you will work closely with engineering and platform teams to implement secure patterns for authentication, authorization, API security, and service-to-service communication. You will support architecture reviews, threat modeling, and secure design discussions, and implement practical security controls directly in their applications and services.

This role is deeply integrated into the engineering and platform ecosystem, working on secure API architectures, identity integrations, CI/CD security, and reusable security frameworks that enable teams to build secure services by default.

The ideal candidate combines strong software engineering and cloud architecture experience with deep expertise in modern identity platforms such as Okta, and a passion for helping engineering teams deliver secure systems at scale.

Experience in healthcare or other regulated environments is strongly preferred.

What you’ll do:

• Contribute to designing secure architecture patterns for cloud-native applications, APIs, and microservices
• Implement secure patterns for authentication, authorization, and identity propagation across distributed systems
• Design secure approaches for service-to-service communication and API protection
• Support architecture and threat modeling reviews for new services and platform capabilities
• Design and implement secure identity and authentication flows using Okta and AWS Cognito
• Implement OAuth2, OpenID Connect, and token-based authentication patterns
• Apply secure approaches for API gateway authorization and token validation
• Integrate security controls into CI/CD pipelines and DevSecOps workflows
• Work closely with engineering teams on secure service and API design
• Contribute to building reusable security frameworks and developer tooling that enable teams to build secure services by default

Required Qualifications:

• 6 or more years of experience in application security, secure software engineering, or cloud security architecture
• Strong background in designing and securing cloud-native applications, APIs, and microservices architectures
• Deep expertise with modern authentication and identity protocols, including OAuth2, OpenID Connect, and JWT
• Hands-on experience designing and implementing identity architectures using Okta, including SSO, federation, and MFA
• Experience integrating Okta with cloud-native applications and APIs, including token validation and identity propagation
• Experience working with AWS Cognito or similar cloud identity platforms
• Strong understanding of secure API design, including gateway authorization and service-to-service authentication
• Experience embedding security into CI/CD pipelines and DevSecOps workflows
• Ability to review application code and guide secure coding practices across engineering teams
• Experience contributing to security frameworks or reusable libraries that enable engineers to build secure services by default.

Ability to commute/relocate:

• Hyderabad, Telangana: Reliably commute or planning to relocate before starting work (Preferred)

Interview Process*:

1. Connect with Talent Acquisition 
2. Meet with the Hiring Manager
3. Behavioral Interview(s)
4. Case Study
5. Interview with Senior Leadership

*Subject to change

About Cohere Health:

Cohere Health’s clinical intelligence platform delivers AI-powered solutions that streamline access to quality care by improving payer-provider collaboration, cost containment, and healthcare economics. Cohere Health works with over 660,000 providers and handles over 12 million prior authorization requests annually. Its responsible AI auto-approves up to 90% of requests for millions of health plan members.

With the acquisition of ZignaAI, we’ve further enhanced our platform by launching our Payment Integrity Suite, anchored by Cohere Validate™, an AI-driven clinical and coding validation solution that operates in near real-time. By unifying pre-service authorization data with post-service claims validation, we’re creating a transparent healthcare ecosystem that reduces waste, improves payer-provider collaboration and patient outcomes, and ensures providers are paid promptly and accurately.

Cohere Health’s innovations continue to receive industry wide recognition. We’ve been named to the 2025 Inc. 5000 list and in the Gartner® Hype Cycle™ for U.S. Healthcare Payers (2022-2025), and ranked as a Top 5 LinkedIn™ Startup for 2023 & 2024. Backed by leading investors such as Deerfield Management, Define Ventures, Flare Capital Partners, Longitude Capital, and Polaris Partners, Cohere Health drives more transparent, streamlined healthcare processes, helping patients receive faster, more appropriate care and higher-quality outcomes.

The Coherenauts, as we call ourselves, who succeed here are empathetic teammates who are candid, kind, caring, and embody our core values and principles. We believe that diverse, inclusive teams make the most impactful work. Cohere is deeply invested in ensuring that we have a supportive, growth-oriented environment that works for everyone.

We can’t wait to learn more about you and meet you at Cohere Health!

Equal Opportunity Statement: 

Cohere Health is an Equal Opportunity Employer. We are committed to fostering an environment of mutual respect where equal employment opportunities are available to all.  To us, it’s personal.

ISMS roles and responsibilities:

• Good knowledge of Information practices.
• Assist the manager in all the information security activities implementation and maintenance process.
• Ensuring the  team and imparted with Competence related to Information security
• Responsible for implementation of security policies and procedures and report any issues to the Information Security Manager.