Governance, Risk and Compliance Manager in Edinburgh

Who are we?

CodeBase is a tech ecosystem support organisation and startup incubator that helps people build better tech startups. We help people build and grow better tech startups through community, education, and workspace.

CodeBase has created and delivers startup programmes for a number of organisations including the Scottish Government, the UK Government, Local Authorities and large corporations. We promote and facilitate collaboration in tech innovation by working with startups, scaleups, corporates, governments, academia, investors and the third sector. CodeBase also delivers scaleup and corporate programmes across industry verticals such as law, health and energy, which connect and educate corporates, startups and scaleups.

CodeBase has offices in Edinburgh, Glasgow, Stirling, Aberdeen, Dundee, Inverness, and Dumfries

CodeBase offers flexible workspace (hotdesking, coworking and office space), delivers expert accelerator and mentorship programmes, hosts a peer-led community for people in the startup ecosystem to meet and connect with each other, and delivers a wide range of collaborative industry-startup bridge programmes.

What are we looking for?

We\’re looking for an experienced Governance, Risk, and Compliance (GRC) professional to establish and manage our GRC function. This is a new function within CodeBase, and we are open to applications from candidates at Manager or Head of level (job title depending on experience) In this role, you\’ll bring together existing materials and processes from across the organisation to build a cohesive, high-performing framework that supports strong governance, effective risk management, and compliance.

While general operational support will be available, this position is ideal for someone who thrives in taking ownership, leading projects, and navigating ambiguity in a fast-paced environment. It\’s a great opportunity for someone with experience in a larger organisation who\’s ready to step up, lead, and apply their expertise to shape and grow a new function.

What will you be doing?

• Owning the risk register, internal audit plan and compliance framework
• Ensuring internal auditing of key areas to ensure compliance
• Leading compliance areas, such as GDPR (including Subject Access Requests) and Freedom of Information requests
• Coordinating formal complaints: logging, appointing Lead Investigator and tracking actions
• Advising on contract renewals; maintaining oversight log
• Monitoring policy review cycles; coordinating sign-off with the SVP of Operations/Deputy
• Working with the IT Manager on data protection and cyber security governance
• Producing assurance reports for leadership

What do we need from you?

• At least 3 years\’ experience in risk, governance and compliance (incl. GDPR)
• Experience of developing internal audits and policy frameworks from scratch
• Experience of influencing busy colleagues to achieve the goals of your role around their own objectives.
• Experience of training colleagues to ensure efficient governance, risk, and compliance management.
• Strong organisation and documentation discipline

Please also tell us if you have:

• Experience working with government or government agencies
• Any relevant qualifications for the role

What will you get?

• £55k – £70k per annum depending on experience
• 4 day working week (please note that this role may require out of hours working from time to time for which you will receive time off in lieu)
• 23 days holiday + 2 weeks off over Christmas and New Year
• 10% employer pension contribution on Qualifying Earnings
• 12 weeks maternity or paternity leave at full pay
• Bupa private medical and dental insurance
• Income protection insurance, death in service insurance, and critical illness insurance

About the job

Work Days: This role is 28 hours a week over 4 days (day off to be decided with line manager), 9am – 5pm

Location: Edinburgh – 37a Castle Terrace

Start Date: January 2026

Contract: Permanent

How do you apply?

We strongly believe that diversity is a tremendous asset in every part of life and that no one should be held back by their background or culture. It is our responsibility to ensure that our team and our community reflects this by being diverse, inclusive, equal and fair. If this resonates with you, then we want to hear from you.

The Process

We hire by posting a job description on our website and other online job boards, asking applicants to complete an application form with specific role related questions and to submit a tailored CV.

When we shortlist we give people a chance and overlook less than perfect academic performance or gaps on CVs as we know that structural inequalities, mental health challenges and family considerations can be unfairly held against people. We conduct a panel interview as part of our interview process. We then start a 3–6 month probationary period where we encourage open communication to ensure that we do everything we can to set you up to succeed in the role.

Key Dates and Links

The closing date for this role is
Monday 8th December

at
9am

with interviews scheduled for
11th or 15th December

. To apply for the role please click \’apply now\’ to be redirected to our website.