Security Analyst
$90k - $100kForage
About Us:
Forage is building the modern payments stack that powers inclusive commerce. Our technology enables grocers, delivery platforms, and point-of-sale systems to seamlessly accept EBT payments both online and in-store. Beyond infrastructure, we’re helping SNAP EBT shoppers stretch their grocery budgets every week, making healthy food more affordable and accessible to the 42 million Americans on food assistance.
Backed by leading fintech investors, Forage is a fast-growing startup with a clear vision and real-world impact, feeding tens of thousands of families daily. Our team is made up of kind, driven individuals who take ownership, move quickly, and collaborate closely. We value humility, curiosity, and a shared commitment to making a difference.
We’re not just building payments infrastructure — we’re helping feed tens of thousands of families each day, and transforming grocery access for millions more. Watch our story and see why we do what we do .
What we are looking for:
We’re looking for a Security Analyst to help keep Forage’s security and compliance programs running smoothly as we scale. You’ll own the operational backbone of our security practice. You will ensure our policies, controls, audits, and evidence stay organized, up-to-date, and ready for scrutiny. You’ll work closely with our Head of Security to turn strategic decisions into consistent day-to-day execution.
This is a hands-on role for someone who enjoys structure, documentation, problem-solving, and a broad variety of small-but-important tasks across security, compliance, and infrastructure.
Qualifications:
- 1-4 years of experience in GRC, security compliance, IT audit or security operations.
- Familiarity with SOC 2, PCI DSS, ISO 27001, or similar security frameworks.
- Ability to read and understand python code to validate security fixes
- Strong organizational and documentation skills
- Ability to own and prioritize multiple tasks open at once
- Experience with vendor assessments, access reviews, evidence collection, or audit support
- Comfort working with technical teams, asking clarifying questions, and escalating when need
- Nice to have: Payments experience
- Nice to have: Knowledge of penetration testing workflows
- Nice to have: ability to read node
Key Responsibilities:
- Triage and manage incoming security requests from entire company
- Own and manage the full vendor security assessment lifecycle (new vendors and annual reviews)
- Own and build device management and provisioning process
- Troubleshoot and enhance in-office IT, wifi and physical security
- Partner with product/engineering teams to clarify which controls apply to new features, systems, or architectural changes
- Read python code to understand vulnerabilities and help validate fixes and make small bug fixes or configuration updates when appropriate
- Maintain organized, audit-ready repositories of policies, SOC reports, and control documentation
- Assist with security questionnaires from enterprise customers
- Coordinate evidence collection and organize materials for quarterly/annual audits
- Update and refine security policies to reflect current controls and organizational practices
- Track remediation of security findings from vulnerability scans, pentests, and audits
Our Offer:
Your base salary would fall within the bands below. Please keep in mind that the equity portion of your offer is not included in these numbers and represents a significant part of your total compensation.
- Compensation: $90k-$100k USD base + equity + benefits
- Meaningful work that makes a positive impact on our society.
- 100% of Medical, Dental and Vision premium coverage for yourself and dependents.
- Enjoy regular team lunches at our San Francisco office, fostering collaboration and connection over great food.
- A fun and caring environment that prioritizes transparency, growth, and ownership.
- A talented, diverse, high-achieving, and humble team with diverse backgrounds and viewpoints.
Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries at our headquarters in San Francisco, California. Individual pay is determined by work location, job-related skills, experience, and relevant education or training.
We aim to review every application within 4 business days of submission and provide feedback on each of your interviews within 2 business days of completion. If you don't hear from us, please reach out to your recruiter or careers[at]joinforage.com directly to get an update on your candidacy.
Integrity & Fairness: To maintain a fair and equitable hiring process for all candidates, we require that interviews and exercises be completed without the use of AI-powered tools. We assess candidates based on their direct experience, judgment, and communication.
Please note: We are not engaging with third-party recruiters or agencies for this role. We kindly ask that you refrain from contacting us regarding recruitment services. Fees will not be paid for unsolicited resumes sent to Forage.
Please note: Forage is unable to provide visa sponsorship for this role. Applicants must have work authorization that does not require visa sponsorship now or in the future.
- ...Job Description Security Analyst - Endpoint Security & Infrastructure Location: Daly City, California, USA Work Mode: Onsite Employment Type: Full-Time Eligibility: Authorized to work in the US without sponsorship Experience: 5+ Years We...SuggestedFull timeImmediate startShift work
- ...Description Upwind is a next-generation Cloud Security Platform that leverages runtime context to identify and prioritize critical... ...meaningful impact on our growth. We are looking for a Security Analyst to join our MDR team. In this role, you will be part of our...Suggested
- ...About the Team The Security Governance, Risk, and Compliance team is part of Plaid’s security organization, focused on enabling the business by proactively managing information security risks and maintaining effective controls. Our mission is to reduce the likelihood...SuggestedContract workWork experience placementLocal area
- ...of key verticals and horizontals. Responsibilities Monitors and analyzes network traffic, identifying and responding to potential security threats. Works with security teams to develop and implement security policies and procedures, and provides technical support to other...Suggested
$1,750 - $2,150 per month
Role Overview Mercor is partnering with leading AI labs to engage experienced cybersecurity professionals — security analysts, penetration testers, incident responders, threat intelligence specialists, and security architects — to improve AI systems' reasoning around threat...SuggestedRemote jobHourly pay$75k - $100k
...US, UK, Europe, Japan and Canada, and has been used for more than 500,000 patients worldwide. Overview The Heartflow Information Security team is responsible for security across our corporate and product environments, protecting our patient data and medical device ecosystem...Local areaWorldwideRelocation$121.76k
...world and empower them to protect it. About the Opportunity Reporting to the Director of Information Technology, the Senior Security Analyst is responsible for configuring, maintaining, and monitoring internal security controls to prevent, detect, and respond to cyber...Full timeContract work$130k - $160k
...Role Overview As a Security Risk and Compliance Analyst you will play a hands‑on role in maturing and operating the company’s compliance and certification programme—specifically across controls maturity, policy governance, and audit execution. This role sits at the intersection...InternshipWork at officeLocal areaWork from homeWorldwide- Job43 - EITS Security Risk Analyst B (Engagement) Location: 100% Remote Max Submissions: 5 Proposed Start Date: ASAP Proposed End Date: 06/30/2026 Role Overview Serve as a liaison between the CISO’s strategic initiatives and the IT operational teams. Translate business...Remote jobImmediate startFlexible hours
- HackerOne is looking for a Product Security Analyst to work remotely within the U.S. As part of the Technical Services organization, you’ll evaluate vulnerability reports, collaborate with security researchers, and help maintain the integrity of HackerOne’s platform. This...Remote work
$110k - $140k
Security Compliance Analyst Manage Hive’s current risk management program Manage external and internal audits, including reviewing materials that require attention for accuracy and properly adhering to regulatory expectations. Implement ISMS in coordination with executive...$175k - $220k
...Coinbase, Workday, Lyft, Cloudflare, Harvey, Rippling, Vanta, LinkedIn, Monday.com, Nvidia, and Bridgewater. About the Team The Security team at LangChain treats compliance as a business enabler, not a checkbox. We move fast, build customer trust across regulated industries...Contract workWork at officeFlexible hours$130k - $155k
Cox Worldwide Funds plc is looking for a Trade Operations & Data Analyst to join the Investment Operations department in San Francisco. This role is pivotal for maintaining the integrity of security reference data and overall asset data quality. Successful candidates will...Work at officeWorldwide- DELTASOFT SOLUTIONS LLC seeks a remote EITS Security Risk Analyst B to bridge CISO initiatives and IT teams. The role involves developing risk metrics, conducting risk analyses, and ensuring compliance with healthcare regulations such as HIPAA. Candidates should possess...Remote jobImmediate start
$96.3k - $145.2k
...through AI, driving innovation, and keeping Salesforce’s core values at the heart of it all. About the Role The Security GRC (Governance, Risk, and Compliance) Analyst role is part of our Security and Compliance team, sitting at the intersection of internal operations and...Work at office$109.9k - $133.59k
...people and our planet come first. Our core values of Safety and Security, Teamwork, Excellence, Care, and Equity guide everything we do... ...Description Under general supervision, the 9212 Aviation Security Analyst performs routine and special-emphasis security checks of...Full timeWork experience placementWork at officeLocal areaImmediate startWorldwide- ...Position: IAM Remediation & Identity Security Analyst Location: Remote (working PST hours) Contract: 6+Months Overview We are seeking an experienced Identity & Access Management (IAM) professional to support remediation efforts following a recent...Contract workRemote work
- Ivo Inc. is seeking a GRC Analyst to support compliance and risk management initiatives in their San Francisco office. This is a crucial role designed to maintain Ivo's security compliance across multiple standards including SOC 2 Type II and ISO 27001. The successful candidate...Work at office
- United States Digital Space LLC is seeking a Security Risk and Compliance Analyst in San Francisco. You will enhance and operate compliance programs, focusing on controls maturity and audit execution. This role offers a unique opportunity for those with GRC experience...
$96.3k - $145.2k
Centaur Labs is searching for a Security GRC Analyst to lead the Unified Audit program, ensuring compliance with frameworks such as SOC 2 and HIPAA. The ideal candidate will have 2-4 years of experience in GRC and must manage internal evidence collection and external audit...$1,750 - $2,150 per month
...Role Responsibilities Review and evaluate AI-generated outputs related to threat analysis, vulnerability assessment, and security architecture recommendations. Create realistic scenarios based on cybersecurity workflows such as incident response runbooks, threat...Hourly payContract workSummer workRemote work- ARMA International is seeking an Information Security Operations Analyst in Berkeley, California. The role demands strong IT skills and at least 5 years of experience, focusing on security operations and incident response. The ideal candidate will join a collaborative team...
- The University of California, Berkeley is hiring an Information Security Operations Analyst to enhance the protection of its information systems. Candidates must have at least 5 years in IT and 3 years in security operations, focusing on incident response and log analysis...Full time
- ...Remote Contract Role | Information Security Technical Analyst Duration: 1 year contract with possible extension pay Range: 50 -54.80/hour on w2 Description: This role is within the Security Governance, Risk, and Compliance (SGRC) team, within ** Information...Contract workRemote work
- ...Job Title: Information Security Technical Analyst Location: Remote - West Coast - PST based. Pay Rate: $54.86/hr on w2 Paid Weekly! Initial Assignment Length: 12 Months (Extension is possible based on performance, attendance, and business need) Start Date...Weekly payRemote work
- Information Security Operations Analyst (0661U), Berkeley IT - 87198 Departmental Overview The Information Security Office (ISO) coordinates the risk management process for UC Berkeley's information systems and directs campus-wide efforts to adequately secure institutional...Full timeWork at office
$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work- ...incidents. Defuse guest/employee disturbances. Call for outside assistance if necessary. Complete incident reports to document all Security/Loss Prevention related incidents. Handle all interruptions and complaints. Resolve safety hazard situations. Escort any unwelcome...Work experience placementLocal areaShift work
$17.5 - $20.4 per hour
...with peers and supervisors to accomplish tasks ~ Able to work a flexible schedule to support business needs ~0-2 years retail or security experience Benefits include: Associate discount; EAP; smoking cessation; bereavement; 401(k) Associate contributions; child...Hourly payTemporary workLocal areaHome officeFlexible hours$90k - $125k
...Job Overview Analyst – Real Estate, located in San Francisco, CA. The DWS real estate group seeks a Portfolio and Asset Management Analyst who will support Portfolio Managers and Asset Managers across 15‑25 properties in the industrial, multi‑family, and retail sectors...Work experience placementWork at officeRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Analyst. Be the first to apply!
- security analyst remote San Francisco, CA
- information security compliance analyst San Francisco, CA
- cloud security analyst San Francisco, CA
- rate analyst San Francisco, CA
- senior information security analyst San Francisco, CA
- entry level information security analyst San Francisco, CA
- security analyst intern San Francisco, CA
- security analyst San Francisco, CA
- security operations analyst San Francisco, CA
- entry level security analyst San Francisco, CA


