About Us:

Forage is building the modern payments stack that powers inclusive commerce. Our technology enables grocers, delivery platforms, and point-of-sale systems to seamlessly accept EBT payments both online and in-store. Beyond infrastructure, we’re helping SNAP EBT shoppers stretch their grocery budgets every week, making healthy food more affordable and accessible to the 42 million Americans on food assistance.​

Backed by leading fintech investors, Forage is a fast-growing startup with a clear vision and real-world impact, feeding tens of thousands of families daily. Our team is made up of kind, driven individuals who take ownership, move quickly, and collaborate closely. We value humility, curiosity, and a shared commitment to making a difference.​

We’re not just building payments infrastructure — we’re helping feed tens of thousands of families each day, and transforming grocery access for millions more. Watch our story and see why we do what we do.

What we are looking for: 

We’re looking for a Security Analyst to help keep Forage’s security and compliance programs running smoothly as we scale. You’ll own the operational backbone of our security practice.  You will ensure our policies, controls, audits, and evidence stay organized, up-to-date, and ready for scrutiny. You’ll work closely with our Head of Security to turn strategic decisions into consistent day-to-day execution. 

This is a hands-on role for someone who enjoys structure, documentation, problem-solving, and a broad variety of small-but-important tasks across security, compliance, and infrastructure.

Qualifications: 

• 1-4 years of experience in GRC, security compliance, IT audit or security operations.
• Familiarity with SOC 2, PCI DSS, ISO 27001, or similar security frameworks.
• Ability to read and understand python code to validate security fixes
• Strong organizational and documentation skills
• Ability to own and prioritize multiple tasks open at once
• Experience with vendor assessments, access reviews, evidence collection, or audit support
• Comfort working with technical teams, asking clarifying questions, and escalating when need
• Nice to have: Payments experience
• Nice to have: Knowledge of penetration testing workflows
• Nice to have: ability to read node 

Key Responsibilities: 

• Triage and manage incoming security requests from entire company
• Own and manage the full vendor security assessment lifecycle (new vendors and annual reviews)
• Own and build device management and provisioning process
• Troubleshoot and enhance in-office IT, wifi and physical security
• Partner with product/engineering teams to clarify which controls apply to new features, systems, or architectural changes
• Read python code to understand vulnerabilities and help validate fixes and make small bug fixes or configuration updates when appropriate
• Maintain organized, audit-ready repositories of policies, SOC reports, and control documentation
• Assist with security questionnaires from enterprise customers
• Coordinate evidence collection and organize materials for quarterly/annual audits
• Update and refine security policies to reflect current controls and organizational practices
• Track remediation of security findings from vulnerability scans, pentests, and audits

Our Offer:

Your base salary would fall within the bands below. Please keep in mind that the equity portion of your offer is not included in these numbers and represents a significant part of your total compensation.

• Compensation: $90k-$100k USD base + equity + benefits
• Meaningful work that makes a positive impact on our society.
• 100% of Medical, Dental and Vision premium coverage for yourself and dependents. 
• Enjoy regular team lunches at our San Francisco office, fostering collaboration and connection over great food.
• A fun and caring environment that prioritizes transparency, growth, and ownership.
• A talented, diverse, high-achieving, and humble team with diverse backgrounds and viewpoints.

Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries at our headquarters in San Francisco, California. Individual pay is determined by work location, job-related skills, experience, and relevant education or training.

We aim to review every application within 4 business days of submission and provide feedback on each of your interviews within 2 business days of completion. If you don't hear from us, please reach out to your recruiter or careers[at]joinforage.com directly to get an update on your candidacy. 

Integrity & Fairness: To maintain a fair and equitable hiring process for all candidates, we require that interviews and exercises be completed without the use of AI-powered tools. We assess candidates based on their direct experience, judgment, and communication.

Please note: We are not engaging with third-party recruiters or agencies for this role. We kindly ask that you refrain from contacting us regarding recruitment services. Fees will not be paid for unsolicited resumes sent to Forage. 

Please note: Forage is unable to provide visa sponsorship for this role. Applicants must have work authorization that does not require visa sponsorship now or in the future.