Senior GRC Analyst

Crusoe is on a mission to accelerate the abundance of energy and intelligence. As the only vertically integrated AI infrastructure company built from the ground up, we own and operate each layer of the stack — from electrons to tokens — to power the world's most ambitious AI workloads. When you join Crusoe, you join a team that is building the future, faster.

We're in the midst of the greatest industrial revolution of our time. The demand for AI compute is boundless, and power is a bottleneck. We're solving that — with an energy-first approach that makes AI infrastructure better for the world and faster for the people innovating with AI.

We're looking for problem-solving, opportunity-finding teammates with a sense of urgency, who believe in the scale of our ambition and thrive on a path not fully paved — people who want to grow their careers alongside a team of experts across energy, manufacturing, data center construction, and cloud services.

If you want to do the most meaningful work of your career, help our customers and partners advance their AI strategies, and be part of a high-performing team that believes in each other, come build with us at Crusoe.

We’re seeking a GRC Analyst to support the day-to-day execution of our Governance, Risk, and Compliance program. Reporting to the Head of GRC, this role focuses on operational compliance activities; including user access reviews, evidence collection, customer trust support, and vendor risk management.

You’ll play a key role in maintaining our continuous compliance posture by supporting audits, updating policies, responding to customer security inquiries, and helping improve processes within our GRC platform. The ideal candidate is detail-oriented, organized, and proactive, with a strong interest in improving efficiency through automation and AI tools.

• Supporting User Access Reviews (UARs) across systems and applications on a recurring schedule

• Monitoring completion of security awareness training and following up with teams as needed

• Assisting in maintaining and updating organizational security policies and standards

• Supporting third-party security assessments and vendor risk management processes

• Collecting, organizing, and preparing audit evidence for SOC 2, ISO 27001, HIPAA, and other frameworks

• Partnering with internal teams to ensure evidence is accurate, current, and audit-ready

• Responding to customer security questionnaires and due diligence requests with guidance from senior team members

• Maintaining and updating audit and compliance documentation

• Supporting updates and improvements within the GRC platform, including control tracking and workflows

• Identifying opportunities to streamline and improve GRC processes

• Leveraging AI tools to streamline GRC activities, including drafting responses, summarizing evidence, and enhancing program documentation

• Tracking compliance tasks and supporting reporting on control health and program status

• 5-7 years of experience in GRC, information security, IT audit, or a related compliance role

• Foundational knowledge of compliance frameworks such as SOC 2, ISO 27001, HIPAA, or NIST CSF

• Experience working with GRC platforms (Vanta preferred; Drata, AuditBoard, or similar tools also valued)

• Hands-on experience performing user access reviews, vendor risk assessments, or audit support activities

• Familiarity with customer security questionnaires and customer trust processes

• Comfort using AI tools (e.g., Gemini, Claude, Copilot) to improve efficiency in day-to-day work

• Certifications such as Security+, CISA (in progress), or ISO 27001 foundations

• Exposure to cloud environments (GCP preferred; AWS/Azure helpful)

• Experience with policy management or security awareness training tools

• Interest in AI governance, risk, or emerging compliance frameworks