
Sr. Application Security
Cohere Health, about 4 hours ago
Responsibilities
- Design secure architecture patterns for cloud-native applications, APIs, and microservices.
- Implement secure patterns for authentication, authorization, and identity propagation across distributed systems.
- Design secure approaches for service-to-service communication and API protection.
- Support architecture and threat modeling reviews for new services and platform capabilities.
- Design and implement secure identity and authentication flows using Okta and AWS Cognito.
- Implement OAuth2, OpenID Connect, and token-based authentication patterns.
- Apply secure approaches for API gateway authorization and token validation.
- Integrate security controls into CI/CD pipelines and DevSecOps workflows.
- Work closely with engineering teams on secure service and API design.
- Contribute to building reusable security frameworks and developer tooling.
Requirements
- 6 or more years of experience in application security, secure software engineering, or cloud security architecture.
- Strong background in designing and securing cloud-native applications, APIs, and microservices architectures.
- Deep expertise with modern authentication and identity protocols, including OAuth2, OpenID Connect, and JWT.
- Hands-on experience designing and implementing identity architectures using Okta, including SSO, federation, and MFA.
- Experience integrating Okta with cloud-native applications and APIs, including token validation and identity propagation.
- Experience working with AWS Cognito or similar cloud identity platforms.
- Strong understanding of secure API design, including gateway authorization and service-to-service authentication.
- Experience embedding security into CI/CD pipelines and DevSecOps workflows.
- Ability to review application code and guide secure coding practices across engineering teams.
- Experience contributing to security frameworks or reusable libraries that enable engineers to build secure services by default.