Security and Compliance Analyst

About HausHaus is a first of its kind decision science platform for the new digital privacy paradigm where data sharing and PII is restricted. Haus uses frontier causal inference based econometric models to run experiments and help brands understand how the actions they take in marketing, pricing and promotions impact the bottom line. Our team is comprised of former product managers, economists and engineers from Google, Netflix, Amazon and Meta who saw how costly it is to support high-quality decision science tooling and incrementality testing. Our mission is to make this technology available to all businesses, where all the heavy lifting of experiment design, data cleaning, and analysis/insights are taken care of for you. Haus is working with well known brands like FanDuel, Sonos, and Hims & Hers, and has seen more than 30x ROI by running experiments and helping brands make more profitable decisions. We are backed by top VCs like Insight Partners, 01 Advisors, Baseline Ventures, and Haystack.
What you'll doWe're seeking a proactive Security & Compliance Analyst to join our growing team. This role is a unique opportunity for a junior to mid-career professional to deepen their expertise across cybersecurity, data privacy, and regulatory compliance in a company that’s scaling fast. You’ll work cross-functionally with our product, engineering, science and operations teams to ensure we’re secure by design and always audit-ready.

Responsibilities

• Be audit-ready, always. You’ll be the engine behind our compliance programs—owning the day-to-day operations of our SOC 2 Type II and ISO 27001 controls, managing evidence with precision, keeping us aligned with auditors, and getting us ready to tackle new frameworks as the business evolves.
• Shine a light on risk. From reviewing new tools and vendors to helping lead internal risk assessments, you’ll help us identify potential threats before they become real problems—and you’ll make sure risk is something we talk about, not fear.
• Improve policies & processes: Collaborate on writing, reviewing, and socializing internal security and compliance policies.
• Keep us in the know. You’ll track control performance, surface insights, and keep leadership informed with clear, concise reports. You’ll be a bridge between security and the rest of the business.
• Train like a champion. Whether it’s a phishing drill, a Slack-friendly security tip, or onboarding for new hires, you’ll make sure that security is something everyone at Haus can understand—and care about.
• Help us sleep at night. When something suspicious pops up, you’ll help us triage, investigate, document, and improve. You’ll be part of the team that ensures our incident response is proactive, not panicked.
• Partner across the org. You’ll work hand-in-hand with product, engineering, data, science, marketing, finance and operations teams—making sure security is embedded into everything from new feature launches to infrastructure design. You’ll bring clarity, pragmatism, and collaboration to every conversation.

Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 1-3 years of experience in a security or compliance role.
• Familiarity with security frameworks and standards (e.g., SOC 2, ISO 27001, NIST).
• Strong analytical and problem-solving skills.
• Excellent communication skills, both written and verbal.
• Certifications such as CompTIA Security+, CISA, or CISSP.
• Experience with cloud platforms (e.g., AWS, GCP) and understanding of their security features.
• Knowledge of data privacy regulations like GDPR and CCPA.

About You

• You’re curious and eager to learn. You may be earlier in your career, but you’re hungry to grow and ready to dive into new tools, frameworks, and methodologies.
• You care about the "why." Whether it’s a policy update or a security alert, you seek to understand the risk behind the rule.
• You take pride in getting the details right. You’re methodical, organized, and never afraid to double-check a data flow diagram or a vendor risk assessment.
• You’re comfortable in the grey. In a scaling company, things don’t always come with a checklist. You’re resourceful and solution-oriented when things aren’t black and white.
• You’re a team player. You know security and compliance aren’t solo sports. You collaborate well, communicate clearly, and bring a friendly, helpful energy.
• You value purpose-driven work. You care about protecting people’s data and doing the right thing—even when no one’s watching.

Haus is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law.