Job Description

The Company

At Fora, we’re reimagining what the workplace can be.

We create inspiring, design‑led spaces that blend hospitality, community, and wellbeing—so people can work productively, creatively, and happily.

From our first London workspace over 20 years ago, we’ve grown to 60+ locations across the UK supporting 30,000+ members and partnering with trailblazing brands like Ocado, The British Fashion Council, and Pangaia.

Backed by The Office Group, Blackstone, and Brockton Capital, we’re growing fast and pioneering conscious design, sustainable construction, and workspaces that empower people to work in their own unique way.

At Fora, we’re not just shaping workplaces - we're shaping the future of work.

The role :

Please note this position is 4 days in the office and 1 day working from anywhere.

This role is about making security happen, not writing policies that sit on a shelf.

As an Information Security Analyst, you’ll sit at the point where technology, delivery, and governance mee t — embedding pragmatic security assurance into vendor selection, SaaS adoption, and project delivery. Your job is to make sure security risks are identified early, articulated clearly, and driven through to real, implemented controls.

This is a hands‑on, delivery‑focused role. You’ll work closely with engineers, delivery teams, IT operations, and business owners to ensure security commitments translate into action — not just documents.

If you’re technically credible, comfortable challenging designs constructively, and prefer practical outcomes over theoretical risk language, this role is built for you.

What you’ll be doing

🔐 Vendor & SaaS Security Assurance

You’ll lead security assessments for new and existing vendors and SaaS platforms, reviewing areas such as:

• Identity and access controls

• Data protection
• Hosting environments
• Vulnerability management
• Incident response

You’ll translate technical findings into clear risk statements, practical mitigations, and informed acceptance options, maintaining evidence suitable for investor, audit, and assurance review.

🚀 Secure Project Delivery

You’ll engage early in projects and technical change, shaping security before designs are finalised. This includes reviewing architectures and delivery approaches, and constructively challenging areas such as:

• Secrets management and credential handling

• Access lifecycle and permissions
• Key rotation and logging expectations

You’ll work pragmatically with delivery teams (including those using tools like Azure DevOps), integrating security into delivery plans — not adding friction at the end.

🔍 Operational Risk Follow‑Through

You’ll make sure security risks don’t stall after being identified:

• Tracking remediation actions

• Following up on overdue items
• Escalating issues with evidence, impact, and clear options, not abstract theory

📊 Risk & Governance Support

You’ll maintain a decision‑focused risk register, ensuring it reflects real control posture and delivery reality. You’ll help prepare concise risk summaries and evidence packs for senior decision‑makers, and contribute to improving governance processes where they genuinely help clarity, accountability, and delivery.

Why this role is different

• ✅ Not policy‑only
• ✅ Not compliance‑led
• ✅ Focused on real delivery, real controls, and real outcomes

Requirements

Essential experience

• Hands‑on experience in information security roles spanning technical and assurance responsibilities

• Experience assessing vendors, SaaS platforms, or third parties

• Strong understanding of:

• Cloud and SaaS security
• Identity and access management
• Secrets management and key rotation
• Vulnerability management

• Comfortable working with engineers and delivery teams

• Able to communicate risk clearly, pragmatically, and credibly

Desirable

• Experience supporting investor‑led, audit, or assurance requirements

• Familiarity with modern delivery tooling (e.g. Azure DevOps)
• Exposure to secure design or architecture reviews
• Comfortable in fast‑moving environments with low tolerance for heavy process

Benefits

At Fora, we believe work should enhance your life—not compete with it. That’s why our benefits are designed to support your wellbeing, fuel your ambitions, and give you the freedom to live and work your way.

💼 Work Your Way

• Core working hours with flexibility – because life doesn’t run 9–5
• Two weeks ‘Work from Anywhere’ – swap your desk for a beach, a mountain… anywhere that inspires you

🌴 Time to Rest & Recharge

• 28 days’ annual leave + bank holidays
• Your birthday off – celebrate you
• Buy additional annual leave to create even more time for what matters

💪 Wellbeing & Security

• 5% matched pension scheme – supporting your future
• Life assurance for peace of mind
• Discounted gym membership to keep you feeling your best
• Health cash plan - supporting day to day medical expenses
• Mental wellbeing support - confidential in-person or online therapy sessions

🚴 Smarter, Greener Commuting

• Cycle to Work Scheme
• Season Ticket Loan to make your journey easier and more affordable

☕ Perks That Make You Smile

• 25% off at Fora cafés – your morning coffee just got better
• 2 x volunteer days / year