Inside IR35 SIEM Contract Jobs

Filter Your Search

Filters

Search
Updating results… 41 Contract jobs sorted by:
Date Posted
Date Posted
Rate
Updating results… 41 Contract jobs

Senior Microsoft 365 Security Engineer

Posted 3 days ago by Hays Specialist Recruitment Limited


The Senior Microsoft 365 Security Engineer will lead the security of a sophisticated Microsoft 365 estate within a prest...

  • Rate Negotiable
  • Category Inside
  • Work type Hybrid
  • Location Didcot, Oxfordshire, UK

Siemens Teamcenter PLM Engineer (DV Cleared)

Posted 4 days ago by Sanderson Government & Defence


The Siemens Teamcenter PLM Engineer role involves supporting a secure government environment as a Subject Matter Expert...

  • Rate £500 per day
  • Category Inside
  • Work type Onsite
  • Location Reading, Berkshire, UK

Information & Cyber Security Manager (SC)

Posted 4 days ago by Synergize Consulting Ltd


The Information & Cyber Security Manager (SC) role is a contract position based in London, focusing on the security of a...

  • Rate Negotiable
  • Category Inside
  • Work type Hybrid
  • Location Hybrid working/London, UK

Principal Infrastructure Engineer

Posted 4 days ago by CBS Butler


The role of Principal Platform Engineer focuses on delivering secure, mission-critical platforms for defence and nationa...

  • Rate £713 per day
  • Category Inside
  • Work type Onsite
  • Location Yeovil, UK

Data Security Engineer

Posted 4 days ago by Whitehall Resources


The Data Security Engineer role at Whitehall Resources is a hybrid position based in Warwickshire, focused on designing...

  • Rate Negotiable
  • Category Inside
  • Work type Hybrid
  • Location Warwickshire

Stay Updated on Contract Jobs

Never miss another opportunity with our email alerts.

Save your searches to be notified as soon as new jobs are added.

Get Job Alerts

SC Cleared Senior Security Architect - Cloud Azure & Data Fabric

Posted 4 days ago by fortice


The Senior Security Architect for Cloud Azure & Data Fabric is tasked with designing, implementing, and governing secure...

  • Rate £500 per day
  • Category Inside
  • Work type Remote
  • Location Remote , UK

Data Security Engineer - CyberArk

Posted 4 days ago by fortice


The Data Security Engineer role focuses on the design, implementation, and support of CyberArk Privileged Access Managem...

  • Rate £430 per day
  • Category Inside
  • Work type Hybrid
  • Location Hybrid - Warwick, UK

Principal Platform Engineer - 1733

Posted 5 days ago by Matchtech


The Principal Platform Engineer role at Leonardo involves leading the design, integration, and delivery of secure platfo...

  • Rate Negotiable
  • Category Inside
  • Work type Onsite
  • Location Yeovil, Somerset, UK

Senior Microsoft 365 Security Engineer

Posted 5 days ago by Hays


The Senior Microsoft 365 Security Engineer will lead the security and management of a sophisticated Microsoft 365 enviro...

  • Rate £500 per day
  • Category Inside
  • Work type Hybrid
  • Location Harwell, Didcot (OX11), OX11 0FA

Cyber Security Architect

Posted 5 days ago by BAE Systems


The Cyber Security Architect role focuses on securing operational technology and critical national infrastructure within...

  • Rate £90 per hour
  • Category Inside
  • Work type Onsite
  • Location Lancashire, England, United Kingdom

Cybersecurity Engineer – AI & Automation

Posted 5 days ago by PRACYVA


The Cybersecurity Engineer – AI & Automation role focuses on implementing and validating AI-enabled detection and respon...

  • Rate Negotiable
  • Category Inside
  • Work type Undetermined
  • Location Brighton, England, United Kingdom

Principal Platform Engineer - 1733

Posted 7 days ago by Jobserve


The Principal Platform Engineer role at Leonardo involves leading the design, integration, and delivery of secure platfo...

  • Rate Negotiable
  • Category Inside
  • Work type Onsite
  • Location Yeovil, Somerset

Enterprise Security Architect

Posted 7 days ago by Eames Consulting


The role of Enterprise Security Architect focuses on delivering secure telecommunications infrastructure within a regula...

  • Rate £90 per hour
  • Category Inside
  • Work type Hybrid
  • Location London Area, United Kingdom

Cloud Security Engineer

Posted 7 days ago by Whitehall Resources


The Cloud Security Engineer role involves enhancing cloud infrastructure security in alignment with business strategies...

  • Rate Negotiable
  • Category Inside
  • Work type Hybrid
  • Location Cheshire

Cloud Security Engineer

Posted 7 days ago by eTeam Workforce Limited


The Cloud Security Engineer role involves designing, implementing, and securing multi-cloud infrastructures while drivin...

  • Rate £613 per day
  • Category Inside
  • Work type Hybrid
  • Location Knutsford, Cheshire, UK

Zscaler/Network consultant

Posted 7 days ago by Access Computer Consulting Plc


The role of Zscaler/Network Consultant involves working with a large banking client to implement and support Zscaler sol...

  • Rate Negotiable
  • Category Inside
  • Work type Hybrid
  • Location London, UK

Senior SOC Analyst (SIEM Focus)

Posted 1 week ago by Infosec


The role of Senior SOC Analyst (DV Cleared) involves supporting a critical cyber security programme within the defence a...

  • Rate Negotiable
  • Category Inside
  • Work type Onsite
  • Location Corsham, Wiltshire, UK

Senior SOC Analyst (SIEM Focus)

Posted 1 week ago by Infosec


The role of Senior SOC Analyst (DV Cleared) involves supporting a critical cyber security programme within the defence a...

  • Rate Negotiable
  • Category Inside
  • Work type Onsite
  • Location Corsham, Wiltshire

Cloud Security Engineer

Posted 1 week ago by Experis


We are looking for a Cloud Security Engineer to design, implement, and secure multi-cloud infrastructures, focusing on A...

  • Rate Negotiable
  • Category Inside
  • Work type Hybrid
  • Location Knutsford

Lead DecSecOps Engineer

Posted 1 week ago by Inara


The Lead DevSecOps Engineer role involves hands-on engineering within a tech consultancy, focusing on platform security...

  • Rate £800 per day
  • Category Inside
  • Work type Hybrid
  • Location London Area, United Kingdom

About Our Inside IR35 SIEM Contract Roles

What does a siem contractor do?

As a contract SIEM, you are hired to implement, configure, optimise, and operate SIEM platforms that collect, correlate, and analyse security log and event data from across an organisation's technology estate to detect threats, investigate incidents, and support compliance reporting. SIEM is a foundational component of a security operations centre, providing the visibility and detection capability that enables security analysts to identify potential security incidents from the enormous volume of security events generated by modern enterprise environments. Contractors are brought in to implement a new SIEM platform, to migrate from one SIEM to another, to build and tune detection rules that improve the signal-to-noise ratio of SIEM alerts, to develop SIEM content for specific threat use cases, or to provide specialist SIEM expertise within a security operations team.

SIEM contractors are expected to have deep, hands-on experience with the specific SIEM platform relevant to the engagement. Microsoft Sentinel is the most commonly specified SIEM platform in UK enterprise environments, and experience creating Sentinel analytics rules using KQL (Kusto Query Language), building SOAR playbooks in Logic Apps, managing Sentinel workspaces and data connectors, and optimising ingestion costs is a common requirement. Splunk contractors need proficiency in SPL (Splunk Processing Language) for search and analytics alongside knowledge of Splunk Enterprise Security for SIEM use cases and SOAR for automation. IBM QRadar, Elastic SIEM, and LogRhythm are among the other platforms that generate regular UK contract demand. The ability to develop detection rules that accurately identify threat behaviours while minimising false positives, to perform log source onboarding and normalisation, and to conduct SIEM health checks that ensure coverage quality is consistently expected at senior SIEM contractor level.

What is the market like for siem contractors?

The SIEM contract market is a steadily active specialist within the cybersecurity contractor market, driven by the structural need for threat detection and monitoring capability across financial services, critical national infrastructure, healthcare, and large corporate organisations. Microsoft Sentinel has grown rapidly to become the dominant SIEM platform for new implementations in the UK, creating a large and growing Sentinel contractor market with strong demand for KQL-proficient security engineers. The migration of organisations from legacy SIEM platforms to Sentinel or Splunk continues to generate significant project-based SIEM contractor demand. Rates reflect the specialist platform knowledge and security domain expertise required, sitting at the premium end of the security operations contracting market.

What does Inside IR35 mean?

IR35 is UK tax legislation that determines whether a contractor is genuinely self-employed or working in a manner that resembles employment. When a contract is classified as inside IR35, income tax and National Insurance are deducted at source, typically via an umbrella company or agency PAYE. Headline day rates on inside IR35 engagements are generally higher than equivalent outside IR35 roles to account for the tax and employment cost structure.

Inside IR35 determinations are made where the working arrangements are considered to resemble employment, based on factors including the level of client control, the absence of a genuine right of substitution, and the presence of mutuality of obligation. Since April 2021, the end client is responsible for making this determination for medium and large private sector organisations. Many employers in financial services, government, and professional services assess the majority of their contractor engagements as inside IR35.

On QualityContracts.co.uk, approximately 49% of roles with a stated IR35 status are classified as inside IR35, making it the most common arrangement across the contract market. The proportion varies by sector and role type. Each listing on this page displays its IR35 status where provided by the hiring organisation.

What siem roles are usually Inside IR35?

The inside IR35 portion of the SIEM market involves ongoing platform operation: managing and tuning detection rules, investigating alerts, maintaining integrations with log sources, and supporting the SOC team. Financial services firms, government departments, and large enterprises with 24/7 security monitoring operations embed SIEM engineers in their security operations teams. The work follows the client's incident response procedures and requires sustained familiarity with their environment.

How much do siem contractors usually earn when working Inside IR35?

Contract rates for siem roles typically range from £500 to £900 per day, depending on the scope of the role, required expertise, and the delivery expectations of the engagement. Inside IR35 rates are typically 15% to 30% higher than equivalent outside IR35 roles to account for tax and national insurance deducted at source by the fee-payer.

How many Inside IR35 siem vacancies are there on Quality Contracts?

Over the past twelve months, we have tracked over 100 siem contract roles across the site. Around one third of the roles currently listed on the site fall Inside IR35. Data reviewed up to June 2026.