Entry Level Governance Risk And Compliance Jobs
New grad governance risk and compliance jobs attract recent graduates and entry level candidates with zero to two years of experience, where a strong internship background or relevant coursework can matter more than a lengthy resume. Most openings mix on-site, remote, and hybrid settings across Accounting & Auditing, Consulting & Professional Services, and Media & Entertainment, with employers like Weaver, Agero, and Trustmark hiring at this level now.
Find JobsOverview
Showing 5 of 6+ Entry Level Governance Risk And Compliance jobs











The analyst collaborates with Enterprise Risk, Audit (internal and external), Compliance, and Policy Management teams to execute these activities effectively. Day-to-day responsibilities include control documentation, testing coordination, assistance with reviewing and updating policies, standards, and control libraries, and policy lifecycle support. Familiarity with GRC platforms (e.g., AuditBoard), ITSM tools (e.g., ServiceNow), and regulatory compliance in financial services is strongly preferred.
The analyst also contributes to the development and maintenance of IT policies and procedures and supports the definition and tracking of key performance indicators (KPIs) and key risk indicators (KRIs). Success in this role requires strong technical writing skills, cross-functional engagement, and a focus on building and maintaining automation to streamline control testing and reporting processes. The role demands a self-driven desire to continuously learn and improve along with a collaborative mindset and a willingness to meet teammates and coworkers where they are in their processes. The analyst must be committed to helping develop, strengthen, and sustain a resilient and effective IT GRC program across the organization.
This position may be filled as a Level I, II or III. Additional responsibilities and qualifications apply.
- Serve as liaison between internal IT/IS/Cyber teams and Enterprise Risk and Audit to facilitate compliance efforts and assessments (GLBA, FFIEC, SOX, CRI/NIST CSF).
- Coordinate the collection of sufficient, appropriate evidence for assessments, including facilitating questionnaires and direct engagement with engineers and operational personnel.
- Execute and document testing procedures in spreadsheets and GRC platforms; draft reports based on results and environmental context.
- Utilize GRC tools to manage questionnaires, evidence collection, assessment documentation, and asset definitions.
- Track, document, and support remediation of findings, risk exceptions, and issues identified through audits, assessments, or operational testing, escalating unresolved items as appropriate.
- Collaborate with internal IT/IS teams to maintain and review policy/standards documentation.
- Research, implement, and monitor compliance initiatives to protect organizational assets.
- Assess systems for compliance gaps and oversee sustainable remediation efforts.
- Manage new and recurring compliance initiatives by conducting control assessments and recommending remediation or compensating controls.
- Collaborate with peers and leadership to review and refine assessment work.
- Stay current on regulatory changes and industry best practices to maintain alignment with standards.
- Facilitate cross-functional collaboration (IT, Engineering, Legal, HR) to address security risks.
- Advise IT and IS leadership on risk impacts and governance priorities.
- Assist with the design and monitoring of KPIs and KRIs aligned to operational objectives.
- Support timely execution of user access reviews and associated remediation efforts.
- Perform other duties commensurate with responsibilities of an IT GRC department.
- Associates are expected to perform all additional duties as assigned.
- Bachelor’s degree in information security, Information Systems/Technology, Risk Management, Cybersecurity, or a similar discipline.
- 1 year of experience in IT GRC, IT audit, or a closely related compliance or risk function.
- Ability to coordinate with operational and IT/IS personnel to gather evidence, clarify processes, and support control implementation.
- Proficiency with Microsoft Office 365, including Excel and SharePoint for documentation and collaboration.
- Strong written and verbal communication skills, including drafting audit findings and control narratives.
- Familiarity with enterprise infrastructure components such as operating systems, directory services, and security technologies.
- External-facing project experience (e.g., consulting, public accounting) is a plus.
- Strong Preference for candidates located within commuting distance of Ridgeland, MS or willing to work hybrid/remote with occasional in-person sessions.
- 3 years of experience in IT GRC, IT audit, or a closely related compliance or risk function.
- Demonstrated ability to work independently with minimal oversight.
- Experience documenting control testing results in GRC platforms or structured formats.
- Working knowledge of GRC platforms (e.g., Archer, AuditBoard, ServiceNow).
- At least one relevant certification (e.g., CISSP, CISM, CISA, CIA, CRISC, CGRC).
- Experience translating regulatory requirements into detailed policies, standards, and control procedures, with the ability to explain technical and regulatory concepts clearly to non-GRC stakeholders.
- Understanding of cybersecurity infrastructure (e.g., firewalls, vulnerability management, IDS/IPS).
- Proactively identifies tasks and next steps rather than waiting for work to be assigned.Approaches problems from a solution oriented perspective and brings proposed options when raising issues.
- Recognizes and corrects gaps or weaknesses in own work prior to submission.
- Produces well structured, professionally formatted reports, presentations, and spreadsheets suitable for executive, audit, and regulatory audiences, with minimal need for substantive review, rework, or edits.
Additional qualifications required for Level III:
- 5 years of experience in IT GRC, IT audit, or a closely related compliance or risk function.
- Proven ability to manage cross-functional collaboration across IT, Engineering, Legal, HR, and other stakeholders.
- Advanced analytical skills with experience using tools like Alteryx, Tableau, Power BI, or Python for reporting and automation.
- Independently identifies, prioritizes, and drives work with minimal direction, proactively voicing and coordinating areas where effort is needed.
- Provides guidance, instruction, and informal training to Analyst I and Analyst II team members.
- Leads project execution by bringing structure, ideas, and recommended solutions, and translating detailed analysis into clear direction.
- Reviews the work of others constructively, identifying weaknesses and improvement opportunities.
- Produces work requiring minimal review and demonstrates sound judgment in improving overall team output beyond personal deliverables.
Physical Requirements & Working Conditions:
Disclaimer:
Trustmark Bank does not accept unsolicited resumes from agencies and/or search firms for any job postings on this site. Resumes submitted to any Trustmark Bank employee by a third-party agency and/or search firm without a valid, written search agreement signed by Trustmark, will become the sole property of Trustmark Bank. No fee will be paid if a candidate is hired for a position as a result of an unsolicited agency or search firm referral.
See All 6 Entry Level Governance Risk And Compliance Jobs
Find roles that match your experience and apply in just a few clicks.
Find JobsEntry Level Governance Risk And Compliance Job Market
Who's Hiring
- Weaver2

- Agero1
- Trustmark1
- Sinclair Broadcast1
- Saint Luke'S Health System1

Top Industries Hiring
- Accounting & Auditing2
- Consulting & Professional Services2
- Media & Entertainment1
- Banking & Financial Services1
- Healthcare & Medical Services1
Entry Level Governance Risk And Compliance Jobs: Frequently Asked Questions
How do I get an entry level governance risk and compliance job?
Employers hiring at the entry level look for candidates who understand regulatory frameworks, risk assessment basics, and compliance documentation, even if that knowledge comes from coursework or internships rather than full-time roles. A relevant degree in business, law, finance, or information security gives you a foundation. Certifications like CompTIA Security+, CISA, or a GRC-focused certificate course can sharpen your profile and signal commitment beyond the classroom.
Which companies hire entry level governance risk and compliances?
Companies hiring entry level governance risk and compliances right now include Weaver, Agero, and Trustmark, based on current listings on Migrate Mate as of July 2026. Financial institutions, healthcare organizations, technology firms, and consulting companies are among the most consistent employers at this level, driven by ongoing regulatory demands that require dedicated junior compliance and risk staff.
Are there remote entry level governance risk and compliance jobs?
Yes, though availability varies by employer and role type. About 0% of entry level governance risk and compliance openings are remote or hybrid as of July 2026, reflecting demand for analysts who can work within digital compliance platforms and conduct virtual audits. Hybrid arrangements are common, particularly at larger organizations with established remote-work policies for junior staff.
Are these new grad governance risk and compliance jobs?
Yes, these listings include new grad, recent graduate, and junior roles that explicitly welcome candidates with limited professional experience. A new grad posting in this field typically accepts zero to two years of experience and treats internships, practicum work, or a portfolio of compliance projects as equivalent to entry-level employment. Look for postings that list a degree as the primary qualification rather than requiring years of prior work.
Which industries hire the most entry level governance risk and compliances?
Entry Level governance risk and compliance roles concentrate in Accounting & Auditing, Consulting & Professional Services, and Media & Entertainment, based on current listings on Migrate Mate as of July 2026. These sectors face dense regulatory environments, meaning they need a steady pipeline of junior professionals to support audit preparation, policy documentation, and internal controls work that more senior staff oversee.