Opportunity Overview:
We are seeking a hands-on Application Security Engineer to help embed security into the core architecture of our cloud-native healthcare platform. This role focuses on implementing secure application frameworks, identity systems, and developer security capabilities across modern distributed systems.
As an Application Security Engineer, you will work closely with engineering and platform teams to implement secure patterns for authentication, authorization, API security, and service-to-service communication. You will support architecture reviews, threat modeling, and secure design discussions, and implement practical security controls directly in their applications and services.
This role is deeply integrated into the engineering and platform ecosystem, working on secure API architectures, identity integrations, CI/CD security, and reusable security frameworks that enable teams to build secure services by default.
The ideal candidate combines strong software engineering and cloud architecture experience with deep expertise in modern identity platforms such as Okta, and a passion for helping engineering teams deliver secure systems at scale.
Experience in healthcare or other regulated environments is strongly preferred.
What you’ll do:
- Contribute to designing secure architecture patterns for cloud-native applications, APIs, and microservices
- Implement secure patterns for authentication, authorization, and identity propagation across distributed systems
- Design secure approaches for service-to-service communication and API protection
- Support architecture and threat modeling reviews for new services and platform capabilities
- Design and implement secure identity and authentication flows using Okta and AWS Cognito
- Implement OAuth2, OpenID Connect, and token-based authentication patterns
- Apply secure approaches for API gateway authorization and token validation
- Integrate security controls into CI/CD pipelines and DevSecOps workflows
- Work closely with engineering teams on secure service and API design
- Contribute to building reusable security frameworks and developer tooling that enable teams to build secure services by default
Required Qualifications:
- 6 or more years of experience in application security, secure software engineering, or cloud security architecture
- Strong background in designing and securing cloud-native applications, APIs, and microservices architectures
- Deep expertise with modern authentication and identity protocols, including OAuth2, OpenID Connect, and JWT
- Hands-on experience designing and implementing identity architectures using Okta, including SSO, federation, and MFA
- Experience integrating Okta with cloud-native applications and APIs, including token validation and identity propagation
- Experience working with AWS Cognito or similar cloud identity platforms
- Strong understanding of secure API design, including gateway authorization and service-to-service authentication
- Experience embedding security into CI/CD pipelines and DevSecOps workflows
- Ability to review application code and guide secure coding practices across engineering teams
- Experience contributing to security frameworks or reusable libraries that enable engineers to build secure services by default.
Ability to commute/relocate:
- Hyderabad, Telangana: Reliably commute or planning to relocate before starting work (Preferred)
Interview Process*:
- Connect with Talent Acquisition
- Meet with the Hiring Manager
- Behavioral Interview(s)
- Case Study
- Interview with Senior Leadership
*Subject to change
About Cohere Health:
Cohere Health’s clinical intelligence platform and agentic AI-powered solutions connect health plans’ strategic goals and providers’ needs, optimizing the speed, cost, and quality of care. With an enterprise approach that streamlines payer-provider decision-making across the care continuum–including policy, prior authorization, payment accuracy, and more–the company improves collaboration and reduces burden, resulting in up to 8x ROI and 94% provider satisfaction.
With the acquisition of ZignaAI, we expanded our AI-native platform with a comprehensive Payment Integrity Suite that spans data mining, clinical and coding validation, authorization and claims reconciliation, and end-to-end payment integrity services across pre- and post-pay workflows. By connecting clinical and payment insights, our transparent, AI-powered solutions help health plans proactively improve payment accuracy, reduce waste and vendor dependency, strengthen provider relationships, and build smarter, more efficient payment integrity programs.
Cohere Health’s innovations continue to receive industry-wide recognition. We’ve been recognized on TIME’s World Top HealthTech Companies 2025 list, the 2025 Inc. 5000 list, in the Gartner® Hype Cycle™ for U.S. Healthcare Payers (2022-2025), and ranked as a Top 5 LinkedIn™ Startup for 2023 & 2024.
We can’t wait to learn more about you and meet you at Cohere Health!
Equal Opportunity Statement:
Cohere Health is an Equal Opportunity Employer. We are committed to fostering an environment of mutual respect where equal employment opportunities are available to all. To us, it’s personal.
ISMS roles and responsibilities:
- Good knowledge of Information practices.
- Assist the manager in all the information security activities implementation and maintenance process.
- Ensuring the team and imparted with Competence related to Information security
- Responsible for implementation of security policies and procedures and report any issues to the Information Security Manager.
Skills Required
- 6 or more years of experience in application security, secure software engineering, or cloud security architecture
- Strong background in designing and securing cloud-native applications, APIs, and microservices architectures
- Deep expertise with OAuth2, OpenID Connect, and JWT
- Hands-on experience designing and implementing identity architectures using Okta, including SSO, federation, and MFA
- Experience integrating Okta with cloud-native applications and APIs, including token validation and identity propagation
- Experience working with AWS Cognito or similar cloud identity platforms
- Experience embedding security controls into CI/CD pipelines and DevSecOps workflows
- Strong understanding of secure API design, including gateway authorization and service-to-service authentication
- Ability to review application code and guide secure coding practices across engineering teams
- Experience contributing to security frameworks or reusable libraries that enable engineers to build secure services by default
- Experience in healthcare or other regulated environments
- Ability to reliably commute or relocate to Hyderabad, Telangana
- Good knowledge of information security practices and ISMS responsibilities
- Experience implementing and maintaining information security policies, procedures, and reporting processes
- Experience ensuring team competence related to information security and assisting managers in security activities
Cohere Health Compensation & Benefits Highlights
-
Leave & Time Off Breadth — PTO is presented at up to 184 hours (23 days) per year plus company holidays, and feedback suggests flexibility and PTO are appreciated. Clear policy details on PTO and holidays are highlighted across official materials.
-
Parental & Family Support — Parental leave is listed as up to 14 weeks paid in the U.S., with adoption and fertility benefits also referenced. Candidates are encouraged to confirm specifics given potential variations by role, timing, or location.
-
Healthcare Strength — Coverage spans medical, dental, vision, life, and disability insurance alongside an EAP, with hosted plan summaries indicating concrete medical and disability offerings. Inclusive elements such as transgender health care benefits and pet insurance are also cited.
Cohere Health Insights
What We Do
Cohere Health’s clinical intelligence platform and agentic AI-powered solutions connect health plans’ strategic goals and providers’ needs, optimizing the speed, cost, and quality of care. With an enterprise approach that streamlines payer-provider decision-making across the care continuum–including policy, prior authorization, payment accuracy, and more–the company improves collaboration and reduces burden, resulting in up to 8x ROI and 94% provider satisfaction. With the acquisition of ZignaAI, we expanded our AI-native platform with a comprehensive Payment Integrity Suite that spans data mining, clinical and coding validation, authorization and claims reconciliation, and end-to-end payment integrity services across pre- and post-pay workflows. By connecting clinical and payment insights, our transparent, AI-powered solutions help health plans proactively improve payment accuracy, reduce waste and vendor dependency, strengthen provider relationships, and build smarter, more efficient payment integrity programs. Cohere Health’s innovations continue to receive industry-wide recognition. We’ve been recognized on TIME’s World Top HealthTech Companies 2025 list, the 2025 Inc. 5000 list, in the Gartner® Hype Cycle™ for U.S. Healthcare Payers (2022-2025), and ranked as a Top 5 LinkedIn™ Startup for 2023 & 2024.
Why Work With Us
Cohere Health brings together a community of healthcare and technology team members, passionate about changing the challenging parts of healthcare. If you enjoy solving challenging problems and learning about healthcare, then Cohere Health is a great career choice.
Gallery
Cohere Health Offices
Remote Workspace
Employees work remotely.
Cohere employees work from 45 different states throughout the US - Cohere hosts retreats at our headquarters in Boston. ZignaAI, a Cohere Health Company, employees based in Hyderabad, India, work in-office 5 days a week.









































