Inside IR35 Cloud Security Contract Jobs
Stay Updated on Contract Jobs
Never miss another opportunity with our email alerts.
Save your searches to be notified as soon as new jobs are added.
Systems Engineer (All Levels) – Integration, Verification & Validation
Posted 1 day ago by Leonardo UK Ltd
Leonardo is seeking Systems Engineers at various levels to support the ECRS Mk0 programme, focusing on Integration, Veri...
- Rate £75,000 per year
- Category Inside
- Work type Hybrid
- Location Scotland; Glasgow; Edinburgh; Aberdeen; Perth; Dundee; Paisley; Inverness; Falkirk; Fife; Stirling
Sort By
Saved Searches
No saved searches yet
Filters
IR35 Status
Working Arrangements
Industry
Sector
Posted By
Country
Seniority Level
Date Posted
Contract Rate
About Our Inside IR35 Cloud Security Contract Roles
What does a cloud security contractor do?
Cloud Security contractors are engaged to protect the infrastructure, data, and workloads that organisations run across public cloud platforms including AWS, Azure, and GCP. The work spans a wide range of activities: assessing the security posture of existing cloud environments, designing and implementing security architectures for new cloud deployments, configuring identity and access management controls, implementing threat detection and monitoring capabilities, remediating misconfigurations, and ensuring cloud environments meet regulatory and compliance requirements. Cloud Security contractors are brought in when organisations are migrating to the cloud and need security designed in from the outset, when a security assessment has identified material gaps, or when a dedicated security capability is needed within a platform team.
The core competencies for Cloud Security contracting include are platform-specific and deep. Strong working knowledge of the shared responsibility model and the native security tooling on the relevant platform is expected as a baseline: for AWS this includes AWS Security Hub, GuardDuty, IAM, and AWS Config; for Azure it includes Microsoft Defender for Cloud, Sentinel, Entra ID, and Azure Policy. Experience with infrastructure-as-code security, including scanning Terraform or CloudFormation templates for misconfigurations using tools such as Checkov or tfsec, is increasingly expected. Familiarity with cloud security frameworks including CIS Benchmarks, the Cloud Security Alliance CCM, and regulatory requirements such as PCI DSS or ISO 27001 as they apply to cloud environments is widely valued. Certifications such as AWS Security Specialty, CCSP, or CISSP are well regarded and frequently listed as requirements at senior level.
What is the market like for cloud security contractors?
Cloud Security contracting is one of the fastest-growing segments within the broader cybersecurity contractor market. Demand is being driven by the pace of cloud adoption across UK organisations, combined with the increasingly sophisticated threat landscape targeting cloud-hosted workloads. Regulatory pressure from the FCA, the ICO, and sector-specific bodies is also compelling organisations to invest in cloud security capability they do not hold permanently. Supply of experienced Cloud Security contractors who combine deep platform knowledge with genuine security expertise remains limited relative to demand, supporting rate levels at the top of the cybersecurity contracting market.
What does Inside IR35 mean?
IR35 is UK tax legislation that determines whether a contractor is genuinely self-employed or working in a manner that resembles employment. When a contract is classified as inside IR35, income tax and National Insurance are deducted at source, typically via an umbrella company or agency PAYE. Headline day rates on inside IR35 engagements are generally higher than equivalent outside IR35 roles to account for the tax and employment cost structure.
Inside IR35 determinations are made where the working arrangements are considered to resemble employment, based on factors including the level of client control, the absence of a genuine right of substitution, and the presence of mutuality of obligation. Since April 2021, the end client is responsible for making this determination for medium and large private sector organisations. Many employers in financial services, government, and professional services assess the majority of their contractor engagements as inside IR35.
On QualityContracts.co.uk, approximately 49% of roles with a stated IR35 status are classified as inside IR35, making it the most common arrangement across the contract market. The proportion varies by sector and role type. Each listing on this page displays its IR35 status where provided by the hiring organisation.
What cloud security roles are usually Inside IR35?
Inside IR35 cloud security work is concentrated in financial services and government, where organisations maintain dedicated cloud security teams and need ongoing engineering support. You will be monitoring cloud environments, remediating findings from security tooling, implementing guardrails, and ensuring compliance with internal security policies and external regulations. The embedded, operational nature of this work and the requirement for sustained access to production environments aligns with inside IR35 indicators.
How much do cloud security contractors usually earn when working Inside IR35?
Contract rates for cloud security roles typically range from £600 to £1000 per day, depending on the scope of the role, required expertise, and the delivery expectations of the engagement. Inside IR35 rates are typically 15% to 30% higher than equivalent outside IR35 roles to account for tax and national insurance deducted at source by the fee-payer.
How many Inside IR35 cloud security vacancies are there on Quality Contracts?
Over the past twelve months, we have tracked over 150 cloud security contract roles across the site. Around one third of the roles currently listed on the site fall Inside IR35. Data reviewed up to June 2026.