Menu

Risk & Controls Manager, Technology Controls Business Partner

Job details
Posting date: 06 January 2026
Hours: Full time
Closing date: 05 February 2026
Location: Edinburgh, EH12 1HQ
Company: NatWest Group
Job type: Permanent
Job reference: R-00268819

Apply for this job

Summary

Join us as a Risk & Controls Manager, Technology Controls Business Partner

  • If you are a subject matter expert in managing the technology risk and control environment, then join our team in helping to anticipate and assess the potential impacts of risk across the bankWe’ll look to you to proactively lead and embed best practices across the Enterprise-Wide Risk Management Framework (EWRMF), Risk and Control Self-Assessments (RCSAs), and broader risk and control management activities
  • In this highly collaborative role, you’ll have an ideal platform for building your network and advancing your career, while helping to create a safer environment for the bank
  • You’ll be pivotal in ensuring that technology and digital transformation initiatives are delivered with robust risk oversight and operational resilience

What you'll do

You’ll have the responsibility of supporting management in their identification and assessment of material risks, and in determining their position relative to agreed appetites. Working with senior stakeholders across the bank, you’ll look to drive forward the development and delivery of remedial action plans where identified risks are considered out of appetite.

On top of this, you’ll be supporting a creating a culture of continuous improvement, increasing efficiency and productivity through great people leadership, coaching, engagement and development of skills.

You’ll also be:

  • Analysing risk reporting and metrics used to inform decision making
  • Ensuring impacts of strategic technology initiatives on the operational risk and control profile are evaluated, managed and mitigated
  • Lead informed discussions of technology and digital related risk for relevant business areas and products
  • Educating teams on the operational risk framework and our conduct risk obligations, supporting the business in operating and embedding them
  • Supporting and regularly engaging with specialist technology stakeholders including second and third lines of defence and functional risk teams

The skills you'll need

We’re looking for a highly skilled IT risk management, technology control testing and issue management leader with experience of applying risk and control management in a technical, operational and strategic context. You’ll need experience in cyber & information security oversight and governance and compliance such as ISO 27001, NIST 800-53, GDPR and PCI-DSS.

In addition, you’ll need experience of managing internal audit, third-party IT risk management and vendor due diligence lifecycle.

You’ll also bring:

  • Strong knowledge of risk assessment and scenario analysis methodologies
  • CyberSec risk assessment experience in Cloud, SDLC, End Point, IAM and Application Security
  • Technology risk advisory experience
  • Technology Incident Management, Problem Management, Cybersecurity services, RCA and Remediation experience
  • Experience of AI governance
  • Strong business or operational experience
  • Excellent communication and collaboration skills

Apply for this job