Application Security Engineer

About the role

We're hiring an Application Security Engineer to work hands-on with our engineering teams to find and fix vulnerabilities, harden our applications, and keep security woven into how we build software. This is a practitioner role; you'll spend your time in code, in tooling, and in design reviews, not writing strategy decks or managing people. You'll report to our security leadership and collaborate daily with developers across the stack. The systems you help protect handle sensitive patient data, so the work carries real weight.

Responsibilities

• Perform secure code reviews, threat modeling, and security design reviews for new features and services.
• Use AI to automate tooling like SAST, DAST, SCA, secret scanning, and container scanning tools across our CI/CD pipelines.
• Use AI to triage and validate vulnerability findings from automated tools, penetration tests, and bug bounty submissions. Track remediation to closure.
• Work directly with engineering squads to fix security issues, helping developers understand the "why" and the fix, not just the finding.
• Support third-party penetration tests: scoping, coordination, triage, and follow-through on results.
• Contribute to developer security guides and training grounded in our actual codebase and stack.
• Help maintain and improve our vulnerability management workflows and tracking using AI.
• Support compliance work related to HIPAA and SOC 2 where it touches application and data security.
• Stay current on the threat landscape and flag emerging risks relevant to our technology and industry.

Requirements

• 5+ years of experience in application security.
• Technical Skills
• You've written production code and can read, review, and critique code in at least one modern language (Python, Go, Java, TypeScript, etc.).
• Solid working knowledge of common vulnerability classes (OWASP Top 10, injection attacks, auth flaws, insecure deserialization, etc.) and how to fix them.
• Hands-on experience with threat modeling and secure code review-you've done these against real systems, not just studied them.
• Experience working with security tooling in CI/CD pipelines (SAST, SCA, secret scanning, GitHub Actions, etc.).
• Familiarity with cloud environments (AWS) and container/Kubernetes basics from a security angle.
• Working understanding of auth standards (OAuth 2.0, OIDC, SAML) and API security concepts (REST, GraphQL).
• How You Work
• You're collaborative, you'd rather help a developer fix something than file a ticket and walk away.
• You communicate clearly. You can explain a vulnerability to an engineer and to a product manager without losing accuracy.
• You're organized enough to juggle multiple findings and remediation efforts across teams without things slipping.
• You're comfortable asking questions and navigating ambiguity in a fast-moving environment.
• You care about the mission; these systems handle patient data, and that responsibility resonates with you.
• Experience in healthcare or health-tech; familiarity with HIPAA Security Rule requirements.
• Exposure to compliance frameworks like SOC 2 Type II, HIPA

Benefits

Additional Information

About AKASA At AKASA, our mission is to build the future of healthcare with AI. As the leading provider of generative AI solutions for the healthcare revenue cycle, we help health systems comprehensively capture and communicate the full patient clinical journey. By empowering health systems to streamline their operations, they can focus on what matters most - delivering quality patient care. We have raised over $205M in funding from investors such as Andreessen Horowitz, BOND, and Costanoa Ventures. This is the most exciting time to join AKASA. Revenue bookings for our new AI-native product suite have grown over 20x since launching in 2024. In this time, we have broken our record for the largest deal in company history three times consecutively. This growth is driven by the massive improvement we are generating for our customers across clinical quality and documentation accuracy, both top priority areas for health system leaders. Our deployments have been recognized nationally as "one of the most comprehensive real-world uses of GenAI in healthcare finance to date" ( link ). Our customer base represents more than $120B+ in net patient revenue and includes the most innovative health systems in the country, like Cleveland Clinic, Duke, Stanford, and Johns Hopkins. Some of our recent recognitions include being named one of America's Top Startup Employers 2026 by Forbes, #1 most promising healthcare RCM startup of 2025 by Black Book Market Research, and one of the fastest-growing GenAI startups to watch by AIM Research. Our CEO was ranked among the "Top 50 Healthcare Technology CEOs" by the Healthcare Technology Report, and we have been certified as a "Great Place to Work" for the past 6 years in a row. We're building on this momentum to redefine what's possible in healthcare. We're looking for exceptional people to help us accelerate that reality.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at akasa? Share your experience