Inside IR35 DevSecOps Contract Jobs
DV Cleared Software Developers
Posted 4 days ago by Flint UK Technology Services
The role of DV Cleared Software Developer involves joining a global technology organization to design, build, and operat...
- Rate £550 per day
- Category Inside
- Work type Undetermined
- Location Manchester or London or Cheltenham , UK
Stay Updated on Contract Jobs
Never miss another opportunity with our email alerts.
Save your searches to be notified as soon as new jobs are added.
Sort By
Saved Searches
No saved searches yet
Filters
IR35 Status
Working Arrangements
Industry
Sector
Posted By
Country
Seniority Level
Date Posted
Contract Rate
About Our Inside IR35 DevSecOps Contract Roles
What does a devsecops contractor do?
DevSecOps contractors embed security practices into the software development and deployment pipeline rather than treating security as a separate, after-the-fact activity. The role bridges three disciplines: development, security, and operations. In practice, this means building automated security scanning into CI/CD pipelines, implementing infrastructure-as-code with security controls baked in, configuring container security policies, managing secrets and key vaults, conducting threat modelling on application architectures, and remediating vulnerabilities identified by SAST and DAST tools. Organisations hire DevSecOps contractors when they want to shift security left in their development lifecycle without slowing down delivery velocity. The role requires a genuine understanding of software engineering practices alongside security expertise, which is a relatively rare combination in the contractor market.
What is the market like for devsecops contractors?
DevSecOps contracting has grown rapidly in the UK as organisations recognise that bolting security onto the end of a development process creates bottlenecks and risk. Regulatory pressure in financial services and government has accelerated adoption, with both sectors now expecting security to be integrated into delivery pipelines rather than handled by a separate team after deployment. The market is supply-constrained: there are more DevSecOps roles than there are contractors with the right blend of development, infrastructure, and security skills. This scarcity keeps rates firm and gives experienced DevSecOps contractors significant choice over which engagements they take. The role is still relatively new as a distinct discipline, which means job titles and expectations vary. Some clients use DevSecOps to mean a DevOps engineer who runs security scans; others expect a security architect who can write pipeline code. Clarifying scope before accepting an engagement is important.
What does Inside IR35 mean?
IR35 is UK tax legislation that determines whether a contractor is genuinely self-employed or working in a manner that resembles employment. When a contract is classified as inside IR35, income tax and National Insurance are deducted at source, typically via an umbrella company or agency PAYE. Headline day rates on inside IR35 engagements are generally higher than equivalent outside IR35 roles to account for the tax and employment cost structure.
Inside IR35 determinations are made where the working arrangements are considered to resemble employment, based on factors including the level of client control, the absence of a genuine right of substitution, and the presence of mutuality of obligation. Since April 2021, the end client is responsible for making this determination for medium and large private sector organisations. Many employers in financial services, government, and professional services assess the majority of their contractor engagements as inside IR35.
On QualityContracts.co.uk, approximately 49% of roles with a stated IR35 status are classified as inside IR35, making it the most common arrangement across the contract market. The proportion varies by sector and role type. Each listing on this page displays its IR35 status where provided by the hiring organisation.
What devsecops roles are usually Inside IR35?
Inside IR35 DevSecOps work is common in regulated sectors where security is embedded into programme-level governance. Banks running large application modernisation programmes, government departments meeting NCSC security standards, and healthcare organisations handling sensitive data all engage DevSecOps contractors inside IR35 as part of broader delivery teams. The contractor works alongside developers and infrastructure engineers on an ongoing basis, which supports an inside IR35 determination. Given the scarcity of genuine DevSecOps skills, inside IR35 rates should reflect a premium over standard DevOps or security engineering roles.
How much do devsecops contractors usually earn when working Inside IR35?
Contract rates for devsecops roles typically range from £550 to £850 per day, depending on the scope of the role, required expertise, and the delivery expectations of the engagement. Inside IR35 rates are typically 15% to 30% higher than equivalent outside IR35 roles to account for tax and national insurance deducted at source by the fee-payer.
How many Inside IR35 devsecops vacancies are there on Quality Contracts?
Over the past twelve months, we have tracked over 150 devsecops contract roles across the site. Around one third of the roles currently listed on the site fall Inside IR35. Data reviewed up to June 2026.