At a Glance
- Tasks: Ensure security in tech projects, embedding practical controls and managing risks effectively.
- Company: Fora, a forward-thinking company prioritising work-life balance and employee wellbeing.
- Benefits: Flexible working hours, 28 days leave, health cash plan, and a matched pension scheme.
- Other info: Dynamic environment with opportunities for personal growth and meaningful contributions.
- Why this job: Make a real impact on security while enjoying the freedom to work from anywhere.
- Qualifications: Hands-on experience in information security and strong communication skills.
The predicted salary is between 55000 - 65000 £ per year.
The role is 4 days in the office and 1 day working from anywhere. As an Information Security Analyst, you will sit at the point where technology, delivery, and governance meet – embedding pragmatic security assurance into vendor selection, SaaS adoption, and project delivery. Your job is to make sure security risks are identified early, articulated clearly, and driven through to real, implemented controls. This is a hands-on, delivery-focused role. You will work closely with engineers, delivery teams, IT operations, and business owners to ensure security commitments translate into action – not just documents. If you are technically credible, comfortable challenging designs constructively, and prefer practical outcomes over theoretical risk language, this role is built for you.
What you’ll be doing:
- Vendor & SaaS Security Assurance
- Identity and access controls
- Data protection
- Hosting environments
- Vulnerability management
- Incident response
Translate technical findings into clear risk statements, practical mitigations, and informed acceptance options, maintaining evidence suitable for investor, audit, and assurance review.
Secure Project Delivery:
- Secrets management and credential handling
- Access lifecycle and permissions
- Key rotation and logging expectations
You will engage early in projects and technical change, shaping security before designs are finalised. You will work pragmatically with delivery teams (including those using tools like Azure DevOps), integrating security into delivery plans – not adding friction at the end.
Operational Risk Follow-Through:
- Tracking remediation actions
- Following up on overdue items
- Escalating issues with evidence, impact, and clear options – not abstract theory
Risk & Governance Support:
- Maintain a decision-focused risk register, ensuring it reflects real control posture and delivery reality.
- Prepare concise risk summaries and evidence packs for senior decision-makers and contribute to improving governance processes where they genuinely help clarity, accountability, and delivery.
Why this role is different:
- Not policy-only
- Not compliance-led
- Focused on real delivery, real controls, and real outcomes
Requirements:
Essential experience:
- Hands-on experience in information security roles spanning technical and assurance responsibilities
- Experience assessing vendors, SaaS platforms, or third parties
- Strong understanding of:
- Cloud and SaaS security
- Identity and access management
- Secrets management and key rotation
- Vulnerability management
- Comfortable working with engineers and delivery teams
- Able to communicate risk clearly, pragmatically, and credibly
Desirable:
- Experience supporting investor-led, audit, or assurance requirements
- Familiarity with modern delivery tooling (e.g. Azure DevOps)
- Exposure to secure design or architecture reviews
- Comfortable in fast-moving environments with low tolerance for heavy process
Benefits:
At Fora, we believe work should enhance your life – not compete with it. Our benefits support your wellbeing, fuel your ambitions, and give you the freedom to live and work your way.
- Work Your Way: Core working hours with flexibility – because life doesn’t run 9-5. Two weeks ‘Work from Anywhere’ – swap your desk for a beach, a mountain, or anywhere that inspires you.
- Time to Rest & Recharge: 28 days’ annual leave + bank holidays. Your birthday off – celebrate you. Buy additional annual leave to create even more time for what matters.
- Wellbeing & Security: 5% matched pension scheme – supporting your future. Life assurance for peace of mind. Discounted gym membership to keep you feeling your best. Health cash plan – supporting day-to-day medical expenses. Mental wellbeing support – confidential in-person or online therapy sessions.
- Smarter, Greener Commuting: Cycle to Work Scheme. Season Ticket Loan to make your journey easier and more affordable.
- Perks That Make You Smile: 25% off at Fora cafés – your morning coffee just got better. 2 volunteer days / year.
Senior Information Security Analyst - Governance & Delivery employer: Fora Space Limited
At Fora, we prioritise a work culture that enhances your life, offering flexible working arrangements with core hours and the opportunity to work from anywhere for two weeks each year. Our commitment to employee wellbeing is evident through generous leave policies, a robust pension scheme, and mental health support, all designed to foster personal and professional growth in a collaborative environment focused on real outcomes.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Information Security Analyst - Governance & Delivery
✨Tip Number 1
Get to know the company culture before your interview. Check out their social media, read up on their values, and see how they engage with their community. This will help you tailor your responses and show that you're genuinely interested in being part of their team.
✨Tip Number 2
Practice your technical skills and be ready to discuss real-world scenarios. Since this role is hands-on, think about past experiences where you tackled security challenges and how you communicated risks effectively. We want to see your practical knowledge in action!
✨Tip Number 3
Network with current employees or industry professionals. Reach out on LinkedIn or attend relevant events to get insights into the role and the company. This can give you a leg up and might even lead to a referral – which is always a bonus!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re proactive and serious about joining our team. Let’s make it happen!
We think you need these skills to ace Senior Information Security Analyst - Governance & Delivery
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter for the Senior Information Security Analyst role. Highlight your hands-on experience in information security and how it aligns with our focus on practical outcomes over theoretical risk language.
Showcase Your Technical Credibility:We want to see that you're technically credible! Include specific examples of how you've assessed vendors or managed vulnerabilities in past roles. This will help us understand your comfort level in challenging designs constructively.
Be Clear and Concise:When articulating your experiences, keep it clear and to the point. We appreciate straightforward communication, especially when it comes to translating technical findings into risk statements and mitigations.
Apply Through Our Website:Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for this exciting opportunity. We can’t wait to hear from you!
How to prepare for a job interview at Fora Space Limited
✨Know Your Stuff
Make sure you brush up on your technical knowledge, especially around cloud and SaaS security, identity management, and vulnerability management. Be ready to discuss how you've applied this knowledge in real-world scenarios, as this role is all about practical outcomes.
✨Speak Their Language
When discussing risks and controls, use clear and straightforward language. Avoid jargon and focus on articulating your points in a way that resonates with both technical and non-technical stakeholders. This will show that you can bridge the gap between engineering and governance.
✨Show Your Hands-On Experience
Prepare examples from your past roles where you’ve engaged directly with delivery teams or managed security in project settings. Highlight specific instances where your involvement led to tangible improvements in security posture or project delivery.
✨Be Proactive and Pragmatic
Demonstrate your ability to identify security risks early in the project lifecycle. Discuss how you’ve successfully integrated security into delivery plans without causing friction. This shows that you understand the importance of balancing security with operational efficiency.
