Application Security Engineer
South San Francisco, CA - USA
Department:
Job Summary
About AKASA
At AKASA, our mission is to build the future of healthcare with AI. As the leading provider of generative AI solutions for the healthcare revenue cycle, we help health systems comprehensively capture and communicate the full patient clinical journey. By empowering health systems to streamline their operations, they can focus on what matters most - delivering quality patient care. We have raised over $205M in funding from investors such as Andreessen Horowitz, BOND, and Costanoa Ventures.
This is the most exciting time to join AKASA. Revenue bookings for our new AI-native product suite have grown over 20x since launching in 2024. In this time, we have broken our record for the largest deal in company history three times consecutively. This growth is driven by the massive improvement we are generating for our customers across clinical quality and documentation accuracy, both top priority areas for health system leaders.
Our deployments have been recognized nationally as one of the most comprehensive real-world uses of GenAI in healthcare finance to date. Our customer base represents more than $120B in net patient revenue and includes the most innovative health systems in the country, like Cleveland Clinic, Duke, Stanford, and Johns Hopkins.
Some of our recent recognitions include being named one of America's Top Startup Employers 2026 by Forbes, #1 most promising healthcare RCM startup of 2025 by Black Book Market Research, and one of the fastest-growing GenAI startups to watch by AIM Research. Our CEO was ranked among the Top 50 Healthcare Technology CEOs by the Healthcare Technology Report, and we have been certified as a Great Place to Work for the past 6 years in a row.
We're building on this momentum to redefine what's possible in healthcare. We're looking for exceptional people to help us accelerate that reality.
The opportunity
We're hiring an Application Security Engineer to work hands-on with our engineering teams to find and fix vulnerabilities, harden our applications, and keep security woven into how we build software. This is a practitioner role; you'll spend your time in code, in tooling, and in design reviews, not writing strategy decks or managing people.
You'll report to our security leadership and collaborate daily with developers across the stack. The systems you help protect handle sensitive patient data, so the work carries real weight.
What you'll do
Perform secure code reviews, threat modeling, and security design reviews for new features and services.
Use AI to automate tooling like SAST, DAST, SCA, secret scanning, and container scanning tools across our CI/CD pipelines.
Use AI to triage and validate vulnerability findings from automated tools, penetration tests, and bug bounty submissions. Track remediation to closure.
Work directly with engineering squads to fix security issues, helping developers understand the why and the fix, not just the finding.
Support third-party penetration tests: scoping, coordination, triage, and follow-through on results.
Contribute to developer security guides and training grounded in our actual codebase and stack.
Help maintain and improve our vulnerability management workflows and tracking using AI.
Support compliance work related to HIPAA and SOC 2 where it touches application and data security.
Stay current on the threat landscape and flag emerging risks relevant to our technology and industry.
Must-haves
5 years of experience in application security.
Technical Skills
You've written production code and can read, review, and critique code in at least one modern language (Python, Go, Java, TypeScript, etc.).
Solid working knowledge of common vulnerability classes (OWASP Top 10, injection attacks, auth flaws, insecure deserialization, etc.) and how to fix them.
Hands-on experience with threat modeling and secure code review; you've done these against real systems, not just studied them.
Experience working with security tooling in CI/CD pipelines (SAST, SCA, secret scanning, GitHub Actions, etc.).
Familiarity with cloud environments (AWS) and container/Kubernetes basics from a security angle.
Working understanding of auth standards (OAuth 2.0, OIDC, SAML) and API security concepts (REST, GraphQL).
How You Work
You're collaborative; you'd rather help a developer fix something than file a ticket and walk away.
You communicate clearly. You can explain a vulnerability to an engineer and to a product manager without losing accuracy.
You're organized enough to juggle multiple findings and remediation efforts across teams without things slipping.
You're comfortable asking questions and navigating ambiguity in a fast-moving environment.
You care about the mission; these systems handle patient data, and that responsibility resonates with you.
Nice-to-haves
Experience in healthcare or health-tech; familiarity with HIPAA Security Rule requirements.
Exposure to compliance frameworks like SOC 2 Type II, HIPAA, or HITRUST.
Experience at a company where you've worn multiple hats.
Relevant certifications (OSCP, CSSLP, CEH): nice signal, not a gate.
Why you'll love working here
Real impact: the code you secure protects patient data at major health systems nationwide.
A collaborative engineering culture where security is valued, not treated as an afterthought.
Hybrid model with focus time and in-person days (Wed & Thu in South San Francisco).
Flexible PTO, expansive health/dental/vision (including 100% free options), HSA contributions, generous parental leave, life insurance, home office stipend, cell/internet reimbursement, company holidays, and 401(k).
What We Offer
Flexible paid time off (PTO)
Expansive coverage for health, dental, and vision
Employer contribution to Health Savings Accounts (HSA)
Generous parental leave policy
Full employee coverage for life insurance
Home office stipend
Cell phone/internet reimbursement
Company-paid holidays
401(K) plan
Compensation
Based on geo market data and other factors, the salary range for this position is $205,000-$275,000 plus equity. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.
The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we'll consider your location, experience, and other job-related factors.
We're committed to doing the best work of our lives together. Come see if we're the right team for you.
AKASA is a proud equal opportunity employer, and we believe that a diverse and inclusive workforce is an imperative. We welcome people of different backgrounds, genders, races, ethnicities, abilities, sexual orientations, and perspectives, just to name a few. We do not discriminate based upon any protected class, and we encourage candidates of all identities and backgrounds to apply. AKASA considers qualified applicants regardless of criminal histories in accordance with the San Francisco Fair Chance Ordinance.
AKASA is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at
Required Experience:
IC