Skip to content
FluidstackFluidstackNew York, NY

GRC Analyst

GRC Analyst responsible for running day-to-day compliance programs (SOC 2, ISO 27001, NIST, FedRAMP) including evidence collection, policy maintenance, audits, and scaling controls across new sites in a high-security AI compute infrastructure environment. Requires hands-on audit experience defending controls and driving adherence from engineering teams.

200k – 270k
On-site3+ YOEOther

About the role

Responsibilities

  • Run the day-to-day compliance program end to end across SOC 2 Type II, ISO 27001, NIST 800-53, and FedRAMP Moderate equivalency: continuous evidence collection, control monitoring, and audit readiness held on GRC platforms (Vanta) and the tooling we build in-house.
  • Own the policy and procedure set: draft, maintain, and run the review cycle so documentation keeps pace with the controls as the program grows.
  • Run recurring control operations on cadence, access reviews, control owner attestations, and evidence refreshes, chasing system owners and employees across the org directly to get them done on time.
  • Drive audit and assessment cycles with external auditors and assessors and manage the POA&M to closure, tracking each finding to a named owner and milestone so nothing ages past its deadline.
  • Bring each new site and team into the compliance program as we scale, mapping their systems to existing controls so coverage stays consistent instead of fragmenting facility by facility.

Requirements

  • Operated controls and pulled evidence against at least one major framework (SOC 2, ISO 27001, NIST 800-53, or FedRAMP) through a real audit.
  • Owned a compliance documentation set, policies, procedures, and control narratives, and kept it current as the environment changed.
  • Sat across from an auditor or assessor, defended how a control runs in practice, and closed findings.
  • Get evidence and adherence out of busy engineers, system owners, and employees across the org, on time, without a manager pushing.
  • Catch a stale control, an expired access grant, or a coverage gap before an assessor does, by watching the portfolio continuously.
  • Translate a control requirement into the exact artifact that proves it, and keep that mapping tight across overlapping frameworks.

Nice-to-Haves

  • FedRAMP Moderate equivalency or NIST 800-53 evidence work.
  • GRC platforms (Vanta) or comparable continuous-compliance tooling.
  • Cloud, GPU, or data center environments.
  • Mapping controls across SOC 2, ISO 27001, and NIST in parallel.

Skills

SOC 2ISO 27001Nist 800-53FedRAMPGRCVantaCompliance AuditingPolicy ManagementControl MonitoringEvidence Collection

Similar roles

Fluidstack

Government Relations - Texas

FluidstackAustin, TX

Own state and local policy agenda for AI data center infrastructure. Build relationships with officials and regulators while drafting testimony and navigating permitting and utility approvals.

200k – 250k
On-siteOther
OpenAI

Technical Intelligence Analyst

OpenAISan Francisco, CA

Builds analytical tools and workflows using SQL and Python to identify AI abuse risks, surface novel harms, and scale intelligence analysis for product safety decisions. Requires 3+ years in technical intelligence or risk analysis.

198k – 320k
Hybrid3+ YOEOther
Discord

Oracle ERP Fusion Functional Analyst

DiscordSan Francisco, CA

Own incident resolution, functional support, enhancements, and quarterly upgrades for Discord's Oracle Fusion ERP environment. Serve as key liaison to Finance stakeholders across AR, AP, GL, and Procurement while maintaining SOX/ITGC compliance.

192k – 216k
On-site5+ YOEOther
Discord

Oracle ERP Fusion Technical Developer

DiscordSan Francisco, CA

Own technical incident resolution, report development, integrations, and enhancements in Discord's Oracle Fusion ERP environment. Provide L2/L3 support across GL, AP, AR, and Procurement modules while partnering with Finance and Accounting teams.

192k – 216k
On-site5+ YOEOther
Anthropic

Research Operations, Discovery

AnthropicSan Francisco, CA +1

Builds operational infrastructure for AI science research teams, managing contractor networks, partnerships, programs, and product strategy to enable efficient frontier research. Requires technical background in ML/software and experience in research ops or TPM in fast-paced environments.

210k – 310k
HybridOther