Forage is building the modern payments stack that powers inclusive commerce. Our technology enables grocers, delivery platforms, and point-of-sale systems to seamlessly accept EBT payments both online and in-store. Beyond infrastructure, we’re helping SNAP EBT shoppers stretch their grocery budgets every week, making healthy food more affordable and accessible to the 42 million Americans on food assistance.

Backed by leading fintech investors, Forage is a fast-growing startup with a clear vision and real-world impact, feeding tens of thousands of families daily. Our team is made up of kind, driven individuals who take ownership, move quickly, and collaborate closely. We value humility, curiosity, and a shared commitment to making a difference.

We’re not just building payments infrastructure — we’re helping feed tens of thousands of families each day, and transforming grocery access for millions more. Watch our story and see why we do what we do.

What we are looking for:

We’re looking for a Security Analyst to help keep Forage’s security and compliance programs running smoothly as we scale. You’ll own the operational backbone of our security practice. You will ensure our policies, controls, audits, and evidence stay organized, up-to-date, and ready for scrutiny. You’ll work closely with our Head of Security to turn strategic decisions into consistent day-to-day execution.

This is a hands-on role for someone who enjoys structure, documentation, problem-solving, and a broad variety of small-but-important tasks across security, compliance, and infrastructure.

Qualifications:

1-4 years of experience in GRC, security compliance, IT audit or security operations.
Familiarity with SOC 2, PCI DSS, ISO 27001, or similar security frameworks.
Ability to read and understand python code to validate security fixes
Strong organizational and documentation skills
Ability to own and prioritize multiple tasks open at once
Experience with vendor assessments, access reviews, evidence collection, or audit support
Comfort working with technical teams, asking clarifying questions, and escalating when need
Nice to have: Payments experience
Nice to have: Knowledge of penetration testing workflows
Nice to have: ability to read node

Key Responsibilities:

Triage and manage incoming security requests from entire company
Own and manage the full vendor security assessment lifecycle (new vendors and annual reviews)
Own and build device management and provisioning process
Troubleshoot and enhance in-office IT, wifi and physical security
Partner with product/engineering teams to clarify which controls apply to new features, systems, or architectural changes
Read python code to understand vulnerabilities and help validate fixes and make small bug fixes or configuration updates when appropriate
Maintain organized, audit-ready repositories of policies, SOC reports, and control documentation
Assist with security questionnaires from enterprise customers
Coordinate evidence collection and organize materials for quarterly/annual audits
Update and refine security policies to reflect current controls and organizational practices
Track remediation of security findings from vulnerability scans, pentests, and audits

Our Offer:

Your base salary would fall within the bands below. Please keep in mind that the equity portion of your offer is not included in these numbers and represents a significant part of your total compensation.

Compensation: $90k-$100k USD base + equity + benefits
Meaningful work that makes a positive impact on our society.
100% of Medical, Dental and Vision premium coverage for yourself and dependents.
Enjoy regular team lunches at our San Francisco office, fostering collaboration and connection over great food.
A fun and caring environment that prioritizes transparency, growth, and ownership.
A talented, diverse, high-achieving, and humble team with diverse backgrounds and viewpoints.

Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries at our headquarters in San Francisco, California. Individual pay is determined by work location, job-related skills, experience, and relevant education or training.

We aim to review every application within 4 business days of submission and provide feedback on each of your interviews within 2 business days of completion. If you don't hear from us, please reach out to your recruiter or careers[at]joinforage[dot]com directly to get an update on your candidacy.

Integrity & Fairness: To maintain a fair and equitable hiring process for all candidates, we require that interviews and exercises be completed without the use of AI-powered tools. We assess candidates based on their direct experience, judgment, and communication.

Please note: We are not engaging with third-party recruiters or agencies for this role. We kindly ask that you refrain from contacting us regarding recruitment services. Fees will not be paid for unsolicited resumes sent to Forage.

Please note: Forage is unable to provide visa sponsorship for this role. Applicants must have work authorization that does not require visa sponsorship now or in the future.

Ready to apply?

Powered by

First name *

Last name *

Email *

LinkedIn URL

Resume *

Click to upload or drag and drop here

LinkedIn Profile

Do you reside within North America (Mexico, United States, Canada)? *

No

Yes

Are you able to work from our San Francisco office 2-3 days a week? *

Yes

No

It Depends

Will you now or in the future require work sponsorship, including visa transfers, renewals or new sponsorships? *

No

Yes

Voluntary Self-Identification

To comply with government reporting requirements, we invite candidates to participate in the self-identification survey below. Your completion of this form is entirely optional, and your decision will neither influence the hiring process nor any subsequent stages. Any information you choose to share will be kept confidential and stored in a secure file. As outlined in our Equal Employment Opportunity policy, we uphold a commitment to non-discrimination based on any protected group status specified in applicable laws.

Gender

Race

Race and ethnicity descriptions

Voluntary Self-Identification of Veteran Status

VEVRAA requires Government contractors to take affirmative action to employ and advance in employment protected veterans. To help us measure the effectiveness of our outreach and recruitment efforts of veterans, we are asking you to tell us if you are a veteran covered by VEVRAA. If you believe that you belong to any of the following categories of protected veterans, please indicate by making the appropriate selection.

Veteran status descriptions

Disabled veteran

A veteran who served on active duty in the U.S. military and is entitled to disability compensation (or who but for the receipt of military retired pay would be entitled to disability compensation) under laws administered by the Secretary of Veterans Affairs, or was discharged or released from active duty because of a service-connected disability

Recently separated veteran

A veteran separated during the three-year period beginning on the date of the veteran's discharge or release from active duty in the U.S military, ground, naval, or air service

Active duty wartime or campaign badge veteran

A veteran who served on active duty in the U.S. military during a war, or in a campaign or expedition for which a campaign badge was authorized under the laws administered by the Department of Defense

Armed Forces service medal veteran

A veteran who, while serving on active duty in the U.S. military ground, naval, or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985 (61 Fed. Reg. 1209).

Veteran status

Req ID: 57

Apply now

See more open positions at Forage

Privacy policy Cookie policy