Staff GRC Risk Specialist

Crusoe's mission is to accelerate the abundance of energy and intelligence. We’re crafting the engine that powers a world where people can create ambitiously with AI — without sacrificing scale, speed, or sustainability.Be a part of the AI revolution with sustainable technology at Crusoe. Here, you'll drive meaningful innovation, make a tangible impact, and join a team that’s setting the pace for responsible, transformative cloud infrastructure.About This RoleWe’re seeking a Staff GRC Risk Specialist to own and operationalize our enterprise risk function across Security Risk, AI Risk, and Third-Party Risk Management (TPRM). This is a highly technical role, not a traditional analyst position, requiring deep fluency in product architecture, AI systems, data flows, and infrastructure to ensure compliance requirements are effectively embedded into how our platform is built and operated.Working closely with the Head of GRC, you’ll drive the maturity of our risk management program, maintain the Risk Register, lead technical risk assessments, and deliver strategic risk reporting to leadership. You’ll also design scalable, automated GRC workflows that strengthen audit readiness, customer trust, and regulatory alignment as the business evolves.What You’ll Be Working OnOwning the enterprise risk function, including development and continuous improvement of the Risk Register across identification, assessment, mitigation, and monitoringConducting deep technical risk assessments across AI systems and products, data architectures, and inference infrastructureReviewing risk for new products, features, applications, and datasets to embed security and compliance early in the development lifecycleTracking mitigation efforts, escalating critical risks, and providing clear, contextualized risk insights to stakeholders and leadershipDesigning and delivering executive risk reporting, including quarterly briefings on emerging regulations, business changes, and compliance impact forecastsBuilding real-time risk and control health dashboards using GRC and data visualization platformsLeading AI risk assessments aligned with emerging standards (e.g., ISO 42001, NIST AI RMF, EU AI Act considerations)Optimizing AI risk intake and assessment workflows within Jira Service Management (JSM) AtlassianLeveraging AI-driven automation to scale risk activities such as control mapping, evidence validation, and risk correlation analysisOwning the Third-Party Risk Management program, including vendor risk assessments and integration with procurement and vendor workflowsWhat You’ll Bring to the Team7+ years of experience in GRC, security engineering, or IT risk roles with strong product and architecture fluencyProven ownership of risk management programs, including risk registers, technical risk assessments, and executive-level reportingDeep knowledge of security and risk frameworks (ISO 27001, ISO 42001, SOC 2, NIST 800-53, NIST CSF, NIST AI RMF, HIPAA) and their application to real-world systemsStrong understanding of cloud-native architectures and security controls across AWS, GCP, or AzureExperience with GRC platforms (e.g., Vanta, Drata, OneTrust, ServiceNow GRC) and workflow tools such as Jira Service ManagementDemonstrated ability to leverage AI-powered tools and agents to automate GRC workflows and scale risk operationsBonus PointsExperience with quantitative risk frameworks such as FAIR, COSO, or ISO 31000Hands-on familiarity with AI/ML systems, agentic AI, MLOps, or AI safety governanceCertifications such as CISSP, CISA, CRISC, or ISO 27001 Lead AuditorPrior experience navigating AI-specific regulations (e.g., EU AI Act) or emerging technology compliance frameworksBenefits:Industry competitive payRestricted Stock Units in a fast growing, well-funded technology companyHealth insurance package options that include HDHP and PPO, vision, and dental for you and your dependentsEmployer contributions to HSA accounts Paid Parental Leave Paid life insurance, short-te ... (truncated, view full listing at source)