Governance, Risk and Compliance Manager / Head of Governance, Risk and Compliance

Who are we?

CodeBase is a tech ecosystem support organisation and startup incubator that helps people build better tech startups. We help people build and grow better tech startups through community, education, and workspace. 

CodeBase has created and delivers startup programmes for a number of organisations including the Scottish Government, the UK Government, Local Authorities and large corporations. We promote and facilitate collaboration in tech innovation by working with startups, scaleups, corporates, governments, academia, investors and the third sector. CodeBase also delivers scaleup and corporate programmes across industry verticals such as law, health and energy, which connect and educate corporates, startups and scaleups.

CodeBase has offices in  Edinburgh, Glasgow, Stirling, Aberdeen, Dundee, Inverness, and Dumfries

CodeBase offers flexible workspace (hotdesking, coworking and office space), delivers expert accelerator and mentorship programmes, hosts a peer-led community for people in the startup ecosystem to meet and connect with each other, and delivers a wide range of collaborative industry-startup bridge programmes.

‍

What are we looking for?

We’re looking for an experienced Governance, Risk, and Compliance (GRC) professional to establish and manage our GRC function.  This is a new function within CodeBase, and we are open to applications from candidates at Manager or Head of level (job title depending on experience)  In this role, you’ll bring together existing materials and processes from across the organisation to build a cohesive, high-performing framework that supports strong governance, effective risk management, and compliance.

While general operational support will be available, this position is ideal for someone who thrives in taking ownership, leading projects, and navigating ambiguity in a fast-paced environment. It’s a great opportunity for someone with experience in a larger organisation who’s ready to step up, lead, and apply their expertise to shape and grow a new function.

‍

What will you be doing?

• Owning the risk register, internal audit plan and compliance framework
• Ensuring internal auditing of key areas to ensure compliance
• Leading compliance areas, such as GDPR (including Subject Access Requests) and Freedom of Information requests
• Coordinating formal complaints: logging, appointing Lead Investigator and tracking actions
• Advising on contract renewals; maintaining oversight log
• Monitoring policy review cycles; coordinating sign-off with the SVP of Operations/Deputy
• Working with the IT Manager on data protection and cyber security governance
• Producing assurance reports for leadership

‍

What do we need from you?

• At least 3 years’ experience in risk, governance and compliance (incl. GDPR)
• Experience of developing internal audits and policy frameworks from scratch
• Experience of influencing busy colleagues to achieve the goals of your role around their own objectives.
• Experience of training colleagues to ensure efficient governance, risk, and compliance management.
• Strong organisation and documentation discipline

‍

Please also tell us if you have:

• Experience working with government or government agencies
• Any relevant qualifications for the role

‍

What will you get?

• £55k - £70k  per annum depending on experience
• 4 day working week (please note that this role may require out of hours working from time to time for which you will receive time off in lieu)
• 23 days holiday + 2 weeks off over Christmas and New Year
• 10% employer pension contribution on Qualifying Earnings
• 12 weeks maternity or paternity leave at full pay
• Bupa private medical and dental insurance
• Income protection insurance, death in service insurance, and critical illness insurance

‍

About the job

Work Days: This role is 28 hours a week over 4 days (day off to be decided with line manager), 9am - 5pm

Location: Edinburgh - 37a Castle Terrace 

Start Date: January 2026

Contract: Permanent

‍

How do you apply?

We strongly believe that diversity is a tremendous asset in every part of life and that no one should be held back by their background or culture. It is our responsibility to ensure that our team and our community reflects this by being diverse, inclusive, equal and fair. If this resonates with you, then we want to hear from you.

‍

The Process

We hire by posting a job description on our website and other online job boards, asking applicants to complete an application form with specific role related questions and to submit a tailored CV.  When we shortlist we give people a chance and overlook less than perfect academic performance or gaps on CVs as we know that structural inequalities, mental health challenges and family considerations can be unfairly held against people. We conduct a panel interview as part of our interview process. We then start a 3–6 month probationary period where we encourage open communication to ensure that we do everything we can to set you up to succeed in the role.

‍

Key Dates and Links

The closing date for this role is Monday 8th December at 9am with interviews scheduled for 11th or 15th December. To apply for the role please download and complete the application form and return to jobs@thisiscodebase.com along with a CV. You can also optionally complete the Equal Opportunity and Diversity Monitoring Form via the link below. If you would like to submit your application in an alternative format please get in touch by emailing jobs@thisiscodebase.com.

‍

Download the Application Form 

Please select your preferred format. Please don't include any identifying information (name, photos, links) anywhere in your application form.

Google

.docx

.PDF

‍

Equal Opportunity and Diversity Monitoring Form - Google Form