At a Glance
- Tasks: Lead security assessments and ensure safe project delivery in a hands-on role.
- Company: Dynamic company focused on real outcomes and innovative security solutions.
- Benefits: Flexible working hours, generous leave, wellness support, and a matched pension scheme.
- Other info: Enjoy a vibrant work culture with opportunities for personal and professional growth.
- Why this job: Make a tangible impact on security while collaborating with tech teams.
- Qualifications: Hands-on experience in information security and strong understanding of cloud security.
The predicted salary is between 55000 - 65000 £ per year.
Information Security Analyst – 4 days in the office and 1 day working remotely. In this hands‑on, delivery‑focused role you will embed pragmatic security assurance into vendor selection, SaaS adoption and project delivery. You will identify security risks early, articulate them clearly and drive them to implementation.
What You'll Be Doing
- Vendor & SaaS Security Assurance: Lead assessments of new and existing vendors and SaaS platforms, reviewing identity and access controls, data protection, hosting environments, vulnerability management and incident response. Translate findings into risk statements, mitigations and acceptance options with evidence for investor, audit and assurance reviews.
- Secure Project Delivery: Engage early in projects and technical change to shape security before designs are finalised. Review architectures and delivery approaches, challenge credential handling, access lifecycle, key rotation and logging expectations. Work pragmatically with delivery teams, including those using Azure DevOps, integrating security into plans.
- Operational Risk Follow‑Through: Ensure identified risks are tracked and remediated, follow up on overdue items and escalated with evidence and clear options.
- Risk & Governance Support: Maintain a decision‑focused risk register, prepare concise risk summaries and evidence packs and improve governance where it enhances clarity and accountability.
Why This Role is Different
- Not policy‑only
- Not compliance‑led
- Focused on real delivery, real controls and real outcomes
Requirements
- Essential experience: Hands‑on experience in information security roles with technical and assurance responsibilities. Experience assessing vendors, SaaS platforms or third parties. Strong understanding of cloud and SaaS security, identity and access management, secrets management and key rotation, vulnerability management. Comfortable working with engineers and delivery teams and communicating risk clearly and credibly.
- Desirable: Experience supporting investor‑led or audit requirements, familiarity with modern delivery tooling such as Azure DevOps, exposure to secure design or architecture reviews and ability to thrive in fast‑moving, low‑process environments.
Benefits
- Benefits are designed to enhance wellbeing and provide flexibility.
- Core working hours with flexibility; two weeks “Work from Anywhere” per year.
- 28 days annual leave plus bank holidays; your birthday off; purchase additional leave.
- 5% matched pension scheme; life assurance; discounted gym membership; health cash plan; confidential mental wellbeing support.
- Cycle to Work scheme; seasonal ticket loan.
- 25% off at Fora cafés; two volunteer days per year.
We are an equal opportunity employer and welcome applications from all backgrounds.
Senior Information Security Analyst - Governance & Delivery employer: Fora
As a Senior Information Security Analyst at our company, you will thrive in a dynamic work environment that prioritises real delivery and impactful outcomes. With a strong focus on employee wellbeing, we offer flexible working arrangements, generous leave policies, and a supportive culture that encourages professional growth and collaboration. Join us to be part of a team that values your expertise and fosters innovation in the field of information security.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Information Security Analyst - Governance & Delivery
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at events. A friendly chat can lead to opportunities that aren’t even advertised yet.
✨Tip Number 2
Prepare for interviews by researching the company and its projects. Show us you’re not just another candidate; demonstrate your passion for security and how you can add value to their team.
✨Tip Number 3
Practice your responses to common interview questions, especially around risk management and vendor assessments. We want to see you articulate your thoughts clearly and confidently.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who take that extra step.
We think you need these skills to ace Senior Information Security Analyst - Governance & Delivery
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of Senior Information Security Analyst. Highlight your hands-on experience in information security, especially with vendor assessments and SaaS platforms. We want to see how your skills align with our focus on pragmatic security assurance.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about security governance and delivery. Share specific examples of how you've identified and mitigated risks in past roles, as this will resonate with us at StudySmarter.
Showcase Your Technical Skills:Don’t forget to mention your technical expertise! Whether it's cloud security, identity management, or vulnerability management, we want to know how you’ve applied these skills in real-world scenarios. Be clear and concise in your descriptions.
Apply Through Our Website:We encourage you to apply through our website for a smoother application process. It helps us keep track of your application and ensures you don’t miss out on any important updates. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at Fora
✨Know Your Stuff
Make sure you brush up on your knowledge of information security, especially around vendor assessments and SaaS platforms. Be ready to discuss specific examples from your past experience where you've identified risks and implemented solutions.
✨Speak Their Language
Familiarise yourself with the technical jargon and tools mentioned in the job description, like Azure DevOps. This will help you communicate effectively with the delivery teams and show that you're comfortable in a hands-on role.
✨Prepare for Scenario Questions
Expect questions that ask you to walk through how you would handle specific security challenges. Think about real-life scenarios where you had to assess risks or manage vulnerabilities, and be ready to articulate your thought process clearly.
✨Show Your Collaborative Side
This role involves working closely with various teams, so highlight your teamwork skills. Share examples of how you've successfully collaborated with engineers or project managers to integrate security into project delivery.
