Sr. Application Security

Responsibilities

• Contribute to designing secure architecture patterns for cloud-native applications, APIs, and microservices
• Implement secure patterns for authentication, authorization, and identity propagation across distributed systems
• Design secure approaches for service-to-service communication and API protection
• Support architecture and threat modeling reviews for new services and platform capabilities
• Design and implement secure identity and authentication flows using Okta and AWS Cognito
• Implement OAuth2, OpenID Connect, and token-based authentication patterns
• Apply secure approaches for API gateway authorization and token validation
• Integrate security controls into CI/CD pipelines and DevSecOps workflows
• Work closely with engineering teams on secure service and API design
• Contribute to building reusable security frameworks and developer tooling that enable teams to build secure services by default
• Required Qualifications:
• 6 or more years of experience in application security, secure software engineering, or cloud security architecture
• Strong background in designing and securing cloud-native applications, APIs, and microservices architectures
• Deep expertise with modern authentication and identity protocols, including OAuth2, OpenID Connect, and JWT
• Hands-on experience designing and implementing identity architectures using Okta, including SSO, federation, and MFA
• Experience integrating Okta with cloud-native applications and APIs, including token validation and identity propagation
• Experience working with AWS Cognito or similar cloud identity platforms
• Strong understanding of secure API design, including gateway authorization and service-to-service authentication
• Experience embedding security into CI/CD pipelines and DevSecOps workflows
• Ability to review application code and guide secure coding practices across engineering teams
• Experience contributing to security frameworks or reusable libraries that enable engineers to build secure services by default.
• Ability to commute/relocate:
• Hyderabad, Telangana: Reliably commute or planning to relocate before starting work (Preferred)
• Interview Process*:
• Connect with Talent Acquisition
• Meet with the Hiring Manager
• Behavioral Interview(s)
• Case Study
• Interview with Senior Leadership
• *Subject to change
• About Cohere Health:

Benefits

Additional Information

Opportunity Overview: We are seeking a hands-on Application Security Engineer to help embed security into the core architecture of our cloud-native healthcare platform. This role focuses on implementing secure application frameworks, identity systems, and developer security capabilities across modern distributed systems. As an Application Security Engineer, you will work closely with engineering and platform teams to implement secure patterns for authentication, authorization, API security, and service-to-service communication. You will support architecture reviews, threat modeling, and secure design discussions, and implement practical security controls directly in their applications and services. This role is deeply integrated into the engineering and platform ecosystem, working on secure API architectures, identity integrations, CI/CD security, and reusable security frameworks that enable teams to build secure services by default. The ideal candidate combines strong software engineering and cloud architecture experience with deep expertise in modern identity platforms such as Okta, and a passion for helping engineering teams deliver secure systems at scale. Experience in healthcare or other regulated environments is strongly preferred.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at coherehealth? Share your experience