Rodeo
ResourcesPartnersSign in

Bright Ascension Ltd

Product Security Architect

City of Edinburgh
£65k – £70k/yr
Posted 1 day ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

At Bright Ascension

We're building the software that powers the next generation of space missions. Our flagship platform, HELIX®, enables organisations to develop, deploy, and operate complex space systems faster, more efficiently, and with greater confidence.

As we continue to grow across commercial, government, defence, and national security sectors, we're looking for an exceptional Security Architect to help define how security is designed, implemented, and governed across our technology ecosystem.

This is a unique opportunity to influence the security architecture of a cutting-edge software platform that supports mission-critical systems deployed in some of the world's most demanding environments.

The Opportunity

Reporting to the Chief Architect, this role ensures that security is embedded by design across HELIX’s model-based, component-based and service-oriented approach.

The Product Security Architect drives a distributed, zero-trust security architecture that is deployable across diverse computing infrastructures, including cloud, on-premise, air-gapped and mission-critical environments.

The role bridges abstract architectural principles and real-world implementation, translating security principles into product security features, engineering standards, secure deployment patterns and assurance activities for customers, including those in National Security and Defence domains in the UK and US.

If you are passionate about Zero Trust Architecture, cloud security, secure deployment patterns, and influencing technical strategy at scale, we'd love to hear from you.

What You'll Be Doing

Security Architecture

  • Define, develop, and maintain the security aspects of the HELIX reference architecture.
  • Embed security principles (e.g., zero trust, least privilege, defence-in-depth) within HELIX’s model-based, service-oriented, and component-based paradigms.
  • Ensure architectural consistency across all HELIX products and development kits.
  • Own the translation of security principles into product security capabilities, engineering standards and secure-by-design product patterns.

Technology Mapping and Standards

  • Identify, evaluate, and select key security technologies and standards appropriate for HELIX applications.
  • Define clear mappings from technology-independent architecture to implementation using selected technologies.
  • Maintain alignment with industry and government security standards relevant to defence and sensitive applications.

Product Security Feature Design

  • Define and architect product security capabilities within HELIX and associated products, including authentication, authorisation, identity federation, role-based access control and policy-based access control.
  • Specify product requirements for audit logging, security event capture, tamper evidence, compliance reporting and customer security administration.
  • Define encryption, key management, secrets management and secure configuration approaches appropriate for product and deployment contexts.
  • Work with product managers, architects and engineering teams to translate security architecture into product backlog items, acceptance criteria and implementation guidance.
  • Ensure security features are usable, scalable and appropriate for customer deployment environments.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Implementation Guidance and Assurance

  • Provide expert guidance to product architects and engineering teams on implementing security architecture.
  • Support assurance activities, including verification of security controls and architectural compliance.
  • Collaborate with teams to ensure secure coding, secure system integration, and appropriate use of cryptography and identity services.

Secure Software Development and DevSecOps

  • Establish and mature secure software development practices across product engineering teams
  • Define security requirements, secure coding standards, security acceptance criteria and release gates
  • Embed threat modelling, attack surface analysis and security design reviews into product development processes
  • Guide the integration of security tooling into CI/CD pipelines, including static application security testing, software composition analysis, secrets scanning, container scanning and dependency vulnerability management
  • Support vulnerability triage, remediation prioritisation and product security risk reporting

Deployment Architecture

  • Define and maintain a reference set of secure deployment patterns supporting distributed and cloud-based environments
  • Ensure deployment approaches meet both architectural principles and customer-specific needs
  • Support product engineering teams in implementing deployment architectures across varied infrastructure environments (e.g., public cloud, private cloud, on-premise, air-gapped systems)

Technology Selection for Deployment

  • Identify and guide the adoption of deployment technologies (e.g., containerisation, orchestration, infrastructure-as-code)
  • Ensure deployment approaches support secure operations, scalability, and resilience

Customer and Stakeholder Engagement

  • Understand and incorporate customer deployment and security requirements, particularly in regulated and high-assurance environments.
  • Act as a product security subject matter expert for customer assurance, bids, security questionnaires, audits and due diligence activities.

What We're Looking For

Essential technical skills and experience

  • Strong experience in security architecture for distributed and cloud-based systems.
  • Practical knowledge of zero trust architecture principles and their application in complex systems
  • Experience with cloud platforms (e.g., AWS, Azure, or similar), including secure architecture patterns.
  • Deep understanding of; Identity and Access Management (IAM), federation, and authentication protocols (e.g., OAuth 2.0, OpenID Connect, SAML)
  • Cryptography and key management (e.g., PKI, TLS, HSMs)
  • Network security principles (segmentation, secure communication, service mesh)
  • Secure API design, audit logging, tenant isolation, access control models and product security administration patterns
  • Familiarity with containerisation and orchestration technologies (e.g., Docker, Kubernetes) and their security implications
  • Experience with infrastructure-as-code and repeatable deployment patterns.
  • Knowledge of relevant standards and frameworks such as:
    • NIST Cybersecurity Framework / NIST 800-53
    • ISO/IEC 27001
    • UK NCSC guidance and Cloud Security Principles
    • Zero Trust Architecture (NIST SP 800-207)
    • OWASP Top 10, OWASP SAMM and NIST Secure Software Development Framework
  • Experience embedding secure software development practices, threat modelling and security design reviews into product development processes
  • Experience integrating application security and supply-chain security tooling into CI/CD pipelines, including SAST, SCA, secrets scanning and container scanning
  • Experience defining architectures independently of specific technologies and then mapping them onto implementations

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Essential personal skills and experience

  • Strong systems thinking and ability to operate at both conceptual and implementation levels
  • Excellent communication skills with the ability to convey complex security concepts to engineers and other stakeholders
  • Collaborative mindset with experience working across architecture and engineering teams
  • Ability to influence technical direction without direct authority
  • High attention to detail combined with strategic thinking
  • Strong problem-solving capabilities in complex, ambiguous environments

Desirable skills and experience

  • Experience in National Security, Defence, or highly regulated domains in the UK or US
  • Familiarity with:
    • Secure by Design and DevSecOps practices
    • Cross-domain solutions and handling data at different classification levels
    • Service mesh technologies (e.g., Istio, Linkerd)
  • Knowledge of compliance frameworks such as:
    • UK OFFICIAL/SECRET handling requirements
    • US DoD Zero Trust Strategy
    • FedRAMP/IL-level environments
  • Experience with high-assurance systems, mission-critical systems, or accreditation processes.
  • Exposure to model-based engineering approaches.

Why Join Bright Ascension?

At Bright Ascension, you'll have the opportunity to work on technology that directly supports the future of space exploration, satellite operations, and mission-critical systems around the world.

You'll join a collaborative, innovative team where your expertise will have genuine impact, helping shape the architecture of products used in some of the most challenging and exciting technical environments.

We offer:

  • The opportunity to influence the future direction of a market-leading space software platform
  • Exposure to cutting-edge cloud, security, and distributed systems technologies
  • A highly collaborative engineering culture
  • The chance to work with customers across commercial, government, defence, and international markets
  • Professional growth in a rapidly expanding company at the forefront of the space industry

Additional Information

  • Occasional travel may be required to support customers, partners, and internal teams.
  • Eligibility for UK and/or US Security Clearance may be required depending on project involvement.
  • A strong alignment with Bright Ascension's values, culture, and engineering excellence is essential.

If you're excited by the challenge of securing the next generation of space software and want to play a key role in shaping the future of HELIX®, we'd love to hear from you.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Security Architecture
Zero Trust Architecture
Cloud Security
Identity and Access Management
Cryptography
Network Security
Secure API Design
Containerization
Infrastructure-as-Code
Secure Software Development
Threat Modelling
DevSecOps
Deployment Technologies
Compliance Frameworks
Mission-Critical Systems
High-Assurance Systems

Location

City of Edinburgh, Scotland, United Kingdom

Sign up to applySee more jobs like this