At a Glance
- Tasks: Lead and manage Identity and Access Management controls while assessing IT risks.
- Company: Join a leading bank focused on governance, risk, and compliance.
- Benefits: Remote-first work culture with competitive salary and professional growth opportunities.
- Why this job: Make a real impact by enhancing security and risk management in a dynamic environment.
- Qualifications: Experience in GRC, risk quantification, and strong collaboration skills required.
- Other info: Opportunity to work with senior stakeholders and drive continuous improvement.
The predicted salary is between £36,000 and £60,000 per year.
Join us as a Governance, Risk & Compliance Lead, Identity & Access Management. This role will see you applying effective controls and risk management thinking in an IT environment, anticipating and assessing the potential impact of risk across the bank. You’ll manage and oversee Identity and Access Management (IAM) controls, while supporting the identification and assessment of material IT risks and determining their position relative to agreed appetites. Collaborating with senior stakeholders across the function, you’ll drive forward the development and delivery of remedial action plans where identified risks are considered out of appetite.
What you'll do
- Lead and own the effectiveness of the IAM controls environment.
- Demonstrate risk leadership and advocacy, supporting a culture of proactive and pre‑emptive risk management and continuous improvement.
- Lead the controls design and management for Security Services.
- Quantify risk in terms of financial impact, reputation, operational disruption and regulatory impact.
- Interpret security metrics and develop reporting to leadership in a clear and actionable way.
- Manage and articulate risk, and design and assess controls to mitigate identified risks.
- Lead the Security Services Controls environment, ensuring all controls are adequate and effective.
- Support the creation of management action plans along with papers for the Risk Committees.
- Follow up on Management Action Plans, demonstrating stakeholder management and influencing skills.
- Lead reporting on controls, issues, test schedules, and outcomes.
- Take ownership for building and maintaining a network of key contacts and influencers.
- Conduct annual process and control assessments.
- Provide thought leadership for controls design and management for the IAM and Privileged Access Management transformations.
The skills you'll need
- Experience as a GRC professional with the ability to quantify risk.
- Trusted controls expert who can collaborate with Risk, Audit and Controls colleagues.
- Knowledge of internal and external audit processes and experience of preparing responses to auditors.
- Deep understanding of managing and articulating risk.
- Ability to design, implement, and assess internal controls to ensure compliance with regulatory and internal standards.
- Good data analysis skills and regulatory and framework knowledge, such as ISO27000, NIST, Sarbanes-Oxley and PCI DSS.
- Excellent collaboration, communication and relationship-building skills.
- Meticulous attention to detail for policy, standards and compliance.
- Certifications such as CRISC, CISA, CGRC or CISM are desirable.
In addition to this, you'll demonstrate the ability to:
- Design and assess controls to mitigate identified risks.
- See through the delivery of management action plans to remediate inadequate or ineffective controls.
- Interpret metrics and report to leadership in a clear and actionable way.
- Manage stakeholders and management action plans from groups outside of Security.
- Explain complex risks, governance policies and compliance requirements to non-technical stakeholders.
Hours: 35
Job Posting Closing Date: 17/11/2025
Ways of Working: Remote First
Governance, Risk & Compliance Lead, Identity & Access Management (GRCIAM) in Edinburgh. Employer: NatWest Group
Contact Detail:
NatWest Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Governance, Risk & Compliance Lead, Identity & Access Management (GRCIAM) in Edinburgh
✨Network Like a Pro
Get out there and connect with people in the industry! Attend events, webinars, or even just grab a coffee with someone who works in Governance, Risk & Compliance. Building relationships can open doors that you didn’t even know existed.
✨Show Off Your Skills
When you get the chance to chat with potential employers, don’t hold back! Share your experiences with IAM controls and risk management. Use real examples to demonstrate how you’ve tackled challenges in the past – it’ll make you stand out!
✨Be Prepared for Interviews
Do your homework before any interview. Understand the company’s risk appetite and be ready to discuss how you can help them manage their IAM controls effectively. Tailor your answers to show you’re the perfect fit for their needs.
✨Apply Through Our Website
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about joining our team!
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Governance, Risk & Compliance Lead role. Highlight your experience with IAM controls and risk management, and show us how your skills align with what we're looking for.
Showcase Your Skills: Don’t just list your qualifications; demonstrate how you've used them in real-world scenarios. We want to see examples of how you've quantified risk and managed controls effectively in previous roles.
Be Clear and Concise: When writing your application, keep it straightforward. Use clear language to explain your experience and achievements, especially when discussing complex risks and compliance requirements. We appreciate clarity!
Apply Through Our Website: We encourage you to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at NatWest Group
✨Know Your GRC Inside Out
Make sure you’re well-versed in Governance, Risk & Compliance principles, especially as they relate to Identity & Access Management. Brush up on frameworks like ISO27000 and NIST, and be ready to discuss how you've applied these in past roles.
✨Quantify Your Impact
Prepare to talk about how you've quantified risk in terms of financial impact, reputation, and operational disruption. Use specific examples from your experience to illustrate your ability to assess and articulate risks effectively.
✨Showcase Your Stakeholder Skills
Since this role involves collaborating with senior stakeholders, think of examples where you've successfully managed relationships and influenced outcomes. Be ready to discuss how you’ve navigated complex stakeholder environments in the past.
✨Be Ready for Technical Questions
Expect questions that dive into your knowledge of internal and external audit processes. Prepare to explain how you’ve prepared responses to auditors and how you ensure compliance with regulatory standards. This will show your depth of understanding in the field.