Junior Governance, Risk & Compliance Analyst

Overview

Lee Enterprises is seeking a motivated Junior GRC Analyst to join our growing Governance, Risk & Compliance (GRC) team. This part-time, developmental position offers an opportunity to gain direct exposure to enterprise risk management, compliance, and governance initiatives in a fast-paced, collaborative environment.

This role serves as a launchpad - after a successful 90-day performance review, the position may transition into a full-time GRC Analyst role with expanded responsibilities and a competitive annual salary ($60K-$80K, commensurate with experience and performance).

The ideal candidate is curious, detail-oriented, and eager to learn. You ll work closely with senior members of the GRC team and cross-functional partners in Legal, Finance, IT, and Operations to strengthen our risk-aware culture and governance practices.

• Assist in identifying, assessing, and tracking risks across IT and enterprise functions.
• Support maintenance of the enterprise risk register and dashboards used by leadership.

• Help draft, organize, and maintain policies, standards, and procedures.
• Support compliance awareness campaigns and training that promote a culture of risk accountability.

• Learn and assist in mapping controls to frameworks such as NIST CSF, COBIT 2019, and ISO 27001.
• Support tracking and validation of control effectiveness through GRC tools or reports.

• Partner with GRC leadership to prepare reports, metrics, and presentations for management.
• Contribute to meetings with stakeholders across Legal, Finance, IT, and Operations.

• Provide day-to-day administrative and research assistance to the GRC team.
• Demonstrate initiative, curiosity, and a commitment to learning risk and compliance fundamentals.

• Strong organizational and written communication skills.
• Detail-oriented with an analytical mindset and ability to problem-solve.
• Interest in learning frameworks such as NIST, COBIT, ISO 27001, or SOC 2.
• Desire to learn, hunger to achieve, and persistence to accomplish.

• Internship experience in governance, risk, compliance, audit, or related disciplines (internships and academic experience welcome).
• Bachelor s degree (completed or in progress) in Information Security, Risk Management, Business Administration, or a related field - or equivalent experience.
• Experience supporting policy writing, audits, or risk assessments.
• Exposure to GRC tools or risk management platforms.
• Familiarity with cybersecurity, data protection, or IT operations concepts.
• Relevant certifications (e.g., Security+, CISA, CISM, CGRC) are a plus.

• Opportunity to develop real-world GRC experience in a supportive environment.
• Work directly with senior GRC leadership and cross-functional teams.
• Build the skills needed to progress into a full-time GRC Analyst role.
• Gain enterprise-wide exposure to risk management, compliance, and governance functions.
• Be part of a team driving a risk-first culture across the organization.