GRC Engineer

Crusoe is building the World’s Favorite AI-first Cloud infrastructure company. We’re pioneering vertically integrated,  purpose-built AI infrastructure solutions trusted by Fortune 500 companies to power their most advanced AI applications. Crusoe is redefining AI cloud infrastructure, with a mission to align the future of computing with the future of the climate. Our AI platform is recognized as the "gold standard" for reliability and performance. Our data centers are optimized for AI workloads and are powered by clean, renewable energy.

Be part of the AI revolution with sustainable technology at Crusoe. Here, you'll drive meaningful innovation, make a tangible impact, and join a team that’s setting the pace for responsible, transformative cloud infrastructure.

We are seeking a skilled GRC Engineer with expertise in programming and automation to drive the development and implementation of Governance, Risk, and Compliance frameworks. This role combines technical prowess in automation and coding with in-depth knowledge of GRC best practices. You will develop and optimize automated solutions to streamline compliance processes, improve risk management workflows, and integrate GRC tools into enterprise systems.

Key Responsibilities:

• Design, develop, and maintain automation workflows to streamline GRC processes such as compliance monitoring, reporting, and risk assessments.

• Implement and customize GRC platforms (e.g., Vanta, Archer, Auditboard, Anecdotes, etc.) using programming languages and APIs.

• Develop scripts and tools to automate repetitive GRC tasks, such as audit evidence collection and control testing.

• Build and maintain dashboards for real-time risk and compliance monitoring using data visualization tools.

• Collaborate with IT and security teams to integrate GRC tools into CI/CD pipelines and enterprise systems.

• Monitor, assess, and mitigate risks by leveraging automated systems and data-driven insights.

• Stay current with regulatory and industry standards (e.g., ISO 27001, SOC 2, HIPAA, GDPR, NIST) and ensure compliance requirements are met.

• Provide technical guidance and training to teams on GRC automation and tools.

• Support internal and external audits by providing automated solutions for data collection and evidence generation.

• Prepare and maintain compliance documentation.

Qualifications:

• Proven experience in GRC engineering with a strong focus on automation and programming.

• Proficiency in programming languages such as Python, YAML, JavaScript, or PowerShell.

• Experience with APIs and integration of GRC tools with enterprise systems (e.g., SIEMs, ticketing systems, cloud platforms).

• Familiarity with automation frameworks and tools like Selenium, Jenkins, or Ansible.

• Strong understanding of regulatory and compliance standards (e.g., GDPR, HIPAA, ISO 27xxx, PCI DSS, SOC 2).

• In-depth knowledge of security framework controls as they apply to public cloud (GCP preferred), on-prem, SaaS and IaaS environments.

• Strong communication and collaboration skills, with experience working in cross-functional teams.

• Ability to communicate complex technical and compliance information effectively to both technical and non-technical audiences.

• Serve as a subject matter expert and advisor on complex security risk issues.

Preferred Qualifications:

• Certifications such as CISSP, CISA, or CRISC.

• Experience with DevSecOps practices and integrating security compliance into CI/CD pipelines.

• Hands-on experience with cloud environments (e.g., AWS, Azure, Google Cloud) and their compliance automation tools.

• Knowledge of risk management frameworks such as FAIR, COSO, or ISO 31000.

• Bachelor’s degree in Computer Science, Information Security, or related field.

Compensation Range

Compensation will be paid in the range of $110,000 - $135,000. Restricted Stock Units are included in all offers. Compensation to be determined by the applicants knowledge, education, and abilities, as well as internal equity and alignment with market data.

Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.