IT Governance Risk & Compliance; GRC Analyst
Listed on 2026-06-15
IT/Tech
Cybersecurity, IT Business Analyst, Information Security, IT Support
Overview
The IT GRC Analyst operates within the enterprise Cybersecurity Operations function and supports the Information Technology, Information Systems, and other technology teams aligned under the Chief Information Officer. This role executes governance, risk, and compliance activities aligned with regulatory frameworks and internal policies. Core responsibilities include ensuring operational alignment with frameworks such as GLBA, FFIEC, SOX, the NIST Cybersecurity Framework (CSF), and the Cyber Risk Institute (CRI) Profile; conducting IT assessments and Risk Control Self-Assessments (RCSAs); maintaining control libraries; and supporting recurring control testing, reporting, metrics analysis, and response. The analyst contributes to recurring reporting cycles, supports departmental remediation and response efforts for findings and identified risks, and helps drive continuous improvement of governance practices through collaboration, documentation, and control maturity efforts.
The analyst collaborates with Enterprise Risk, Audit (internal and external), Compliance, and Policy Management teams to execute these activities effectively. Day-to-day responsibilities include control documentation, testing coordination, reviewing and updating policies, standards, and control libraries, and supporting the policy lifecycle. Familiarity with GRC platforms (e.g., AuditBoard), ITSM tools (e.g., ServiceNow), and regulatory compliance in financial services is strongly preferred.
The analyst also contributes to the development and maintenance of IT policies and procedures and supports the definition and tracking of key performance indicators (KPIs) and key risk indicators (KRIs). Success in this role requires strong technical writing skills, cross-functional engagement, and a focus on building and maintaining automation to streamline control testing and reporting processes. The role demands a self-driven desire to continuously learn and improve, a collaborative mindset, and a willingness to meet teammates and coworkers where they are in their processes.
The analyst must be committed to helping develop, strengthen, and sustain a resilient and effective IT GRC program across the organization.
This position may be filled as a Level I, II or III. Additional responsibilities and qualifications apply.
Responsibilities
- Serve as liaison between internal IT/IS/Cyber teams and Enterprise Risk and Audit to facilitate compliance efforts and assessments (GLBA, FFIEC, SOX, CRI Profile/NIST CSF).
- Coordinate the collection of sufficient, appropriate evidence for assessments, including facilitating questionnaires and direct engagement with engineers and operational personnel.
- Execute and document testing procedures in spreadsheets and GRC platforms; draft reports based on results and environmental context.
- Utilize GRC tools to manage questionnaires, evidence collection, assessment documentation, and asset definitions.
- Track, document, and support remediation of findings, risk exceptions, and issues identified through audits, assessments, or operational testing, escalating unresolved items as appropriate.
- Collaborate with internal IT/IS teams to maintain and review policy/standards documentation.
- Research, implement, and monitor compliance initiatives to protect organizational assets.
- Assess systems for compliance gaps and oversee sustainable remediation efforts.
- Manage new and recurring compliance initiatives by conducting control assessments and recommending remediation or compensating controls.
- Collaborate with peers and leadership to review and refine assessment work.
- Stay current on regulatory changes and industry best practices to maintain alignment with standards.
- Facilitate cross-functional collaboration (IT, Engineering, Legal, HR) to address security risks.
- Advise IT and IS leadership on risk impacts and governance priorities.
- Assist with the design and monitoring of KPIs and KRIs aligned to operational objectives.
- Support timely execution of user access reviews and associated remediation efforts.
- Perform other duties commensurate with responsibilities of an IT GRC department.
- Associates are expected to perform all additional duties as…