What are the responsibilities and job description for the Application Security Architect / Senior AppSec Engineer position at Unisys?
Application Security Architect / Senior AppSec Engineer
π Location: Rockville, MD or Tysons Coner, VA and NJ and NYC Hybrid (3 Days Onsite / 2 Days Remote)
Are you passionate about shaping enterprise security strategy, evaluating emerging security technologies, and building secure-by-design application ecosystems?
We are seeking an experienced Application Security professional who can operate at both the strategic and technical levels. This role is ideal for an Application Security Architect, Senior Application Security Engineer, Lead Penetration Tester, or Security Consultant with strong threat modeling and security assessment experience.
The ideal candidate will evaluate new security technologies, perform proof-of-concepts, establish security standards, and partner with engineering teams to drive enterprise-wide security initiatives.
What You'll Do
- Research, evaluate, and perform proof-of-concepts (POCs) for emerging security technologies and enterprise security platforms.
- Assess security tooling and recommend solutions that can be implemented across large-scale enterprise environments.
- Conduct architecture reviews and identify security gaps across applications, APIs, cloud environments, and modern platforms.
- Lead threat modeling exercises and security design reviews.
- Develop security baselines, standards, and reference architectures.
- Partner with engineering teams to implement security controls and secure design principles.
- Evaluate and recommend application security tools including SAST, DAST, IAST, and Software Composition Analysis solutions.
- Design security guardrails for cloud-native applications, APIs, microservices, containers, and serverless environments.
- Support DevSecOps initiatives and security integration within CI/CD pipelines.
- Drive enterprise-wide security improvements and strategic security programs.
- Stay current on emerging threats, attack techniques, and security technologies.
Required Qualifications
Must Have
β Strong Application Security background
β Threat Modeling experience (STRIDE, PASTA, OCTAVE, or similar)
β Penetration Testing and Security Assessment experience
β Experience evaluating and recommending enterprise security tools
β Ability to perform technical research, proof-of-concepts, and strategic security analysis
β Cloud Security experience (AWS, Azure, or GCP)
β Deep understanding of secure software development principles
β Strong knowledge of OWASP Top 10, security architecture, and secure design practices
β Excellent communication and stakeholder management skills
Preferred Qualifications
β Experience supporting large enterprise environments
β DevSecOps and CI/CD security experience
β API Security expertise
β Experience with microservices and containerized applications
β Secure authentication and authorization design (OAuth, OIDC, SAML, MFA, SSO)
β Programming or scripting experience (Python, Java, JavaScript, etc.)
β Knowledge of security automation and security engineering practices
β Experience with GitLab or GitLab security tooling
β Exposure to Generative AI, LLM security, AI governance, or AI risk management
Ideal Backgrounds
We are open to candidates from the following backgrounds:
- Application Security Architect
- Senior Application Security Engineer
- Lead Penetration Tester
- Security Consultant
- Security Researcher
- DevSecOps Security Engineer
- Cloud Security Architect
What We're Looking For
This role requires someone who can think strategically while remaining technically hands-on. You should be comfortable evaluating new technologies, influencing engineering teams, leading security initiatives, and helping shape the future direction of enterprise application security.
If you enjoy solving complex security challenges, conducting deep technical evaluations, and driving security improvements at scale, we'd love to hear from you.