Application Guide
How to Apply for Staff GRC Risk Specialist at Crusoe
🏢 About Crusoe
Crusoe is uniquely positioned at the intersection of energy innovation and high-performance computing, transforming stranded or wasted energy (like flared natural gas) into eco-friendly power for cloud and AI data centers. This mission-driven approach directly reduces carbon emissions and environmental impact, making it an ideal workplace for professionals who want their technical expertise to contribute to tangible climate solutions. The company operates at the cutting edge of sustainable infrastructure, offering a chance to build GRC programs from the ground up in a fast-paced, mission-aligned environment.
About This Role
As a Staff GRC Risk Specialist at Crusoe, you will be the primary owner for building and operationalizing the enterprise risk function across three critical domains: Security Risk, AI Risk, and Third-Party Risk Management (TPRM). This role is highly impactful as you'll directly design scalable, automated GRC workflows that strengthen audit readiness for major frameworks (like SOC 2 and ISO 42001) and build customer trust in Crusoe's AI and data infrastructure products. Your work will ensure that the company's innovative energy-to-compute platform grows securely and in alignment with evolving regulations, particularly around AI systems.
💡 A Day in the Life
A typical day might involve leading a technical risk assessment workshop with AI engineering teams to evaluate new model deployment infrastructure, followed by updating the enterprise risk register with findings and mitigation plans. You could spend time automating a Third-Party Risk Management (TPRM) workflow using GRC tools to streamline vendor assessments, then prepare a strategic risk report for leadership highlighting key exposures in cloud-native architectures. The role balances deep technical collaboration with product teams and strategic program building to ensure Crusoe's innovative platform remains secure, compliant, and trustworthy as it scales.
🎯 Who Crusoe Is Looking For
- Has 7+ years in GRC or security engineering with proven experience owning an entire risk management program—not just participating—including maintaining risk registers, conducting technical risk assessments on complex systems, and delivering strategic reports to executives.
- Possesses deep, practical knowledge of applying specific frameworks like ISO 27001, SOC 2, NIST AI RMF, and ISO 42001 to real-world cloud-native and AI inference infrastructures, not just theoretical understanding.
- Demonstrates strong product and architecture fluency, enabling them to conduct technical risk assessments on AI systems, data architectures, and the unique infrastructure that powers Crusoe's energy-to-compute platform.
- Is a builder who can design and automate GRC workflows from scratch in a scaling startup environment, with an understanding of how risk management strengthens customer trust in a B2B context.
📝 Tips for Applying to Crusoe
- Explicitly quantify your experience owning risk programs: Instead of 'managed risk assessments,' write 'owned and maintained the enterprise risk register for 3 years, reducing critical findings by 40% through automated workflows'—tailor metrics to Crusoe's domains (AI, TPRM, Security).
- Highlight specific framework expertise relevant to Crusoe's tech: Mention direct experience applying NIST AI RMF to AI systems or ISO 42001 to data/AI products, and how it impacted customer trust or audit outcomes.
- Show product/architecture fluency: In your resume, detail risk assessments you've conducted on cloud-native architectures, data pipelines, or AI inference infrastructure—Crusoe needs someone who understands the tech stack, not just compliance checklists.
- Research and reference Crusoe's mission: Briefly connect your GRC experience to enabling sustainable infrastructure or securing innovative energy-to-compute platforms, showing you understand their unique value proposition.
- Prepare a portfolio or case study: Be ready to discuss a specific example where you designed an automated GRC workflow that improved audit readiness or customer trust, ideally in a scaling tech or energy company context.
✉️ What to Emphasize in Your Cover Letter
- Demonstrate your ownership mentality: Provide a concise example of a risk management program you built or significantly matured, emphasizing outcomes like improved audit scores or enhanced customer trust.
- Connect your framework expertise to Crusoe's needs: Explicitly mention experience with ISO 42001 (AI management) or NIST AI RMF, and how you've applied it to technical AI/data systems similar to Crusoe's products.
- Show understanding of their business model: Explain how your GRC approach can secure and scale their unique energy-to-compute platform, addressing risks in AI, third-party partnerships, and cloud infrastructure.
- Highlight automation and scalability: Describe your experience designing GRC workflows that reduce manual effort, as Crusoe is a growing company needing efficient, scalable risk operations.
🔍 Research Before Applying
To stand out, make sure you've researched:
- Deep dive into Crusoe's core technology: Understand how they convert stranded energy (e.g., flared gas) into data center power, and research their Cloud and AI product offerings to grasp the technical infrastructure you'll be securing.
- Review their public communications: Study recent blog posts, press releases, or executive interviews to understand company priorities, growth trajectory, and how they discuss AI, sustainability, and customer trust.
- Investigate their regulatory landscape: Research compliance demands for energy-tech companies and AI/data centers, including frameworks like NIST AI RMF, which is directly mentioned in the job requirements.
- Explore their partnerships and customers: Look into who Crusoe works with (energy companies, cloud providers, AI firms) to understand the third-party risk and customer trust dynamics relevant to the role.
💬 Prepare for These Interview Topics
Based on this role, you may be asked about:
⚠️ Common Mistakes to Avoid
- Focusing only on generic compliance tasks without demonstrating ownership of end-to-end risk programs or experience with technical risk assessments on AI/cloud architectures.
- Showing lack of product fluency by using vague GRC language without connecting it to tangible systems, data flows, or customer-impacting outcomes in a tech company context.
- Failing to research Crusoe's unique mission, leading to generic applications that don't address how GRC supports sustainable energy innovation or secures AI/data products.
📅 Application Timeline
This position is open until filled. However, we recommend applying as soon as possible as roles at mission-driven organizations tend to fill quickly.
Typical hiring timeline:
- Application Review: 1-2 weeks
- Initial Screening: Phone call or written assessment
- Interviews: 1-2 rounds, usually virtual
- Offer: Congratulations!