IR35 DevOps Auditor Fully Remote

Inside IR35 | Dev Ops Auditor (Audit Phase) Duration:
Initial 7 days (potential extension up to 12 months) Day Rate: £475-£525 (Inside IR35)

Location:

Fully remote (UK-based contractors only) Sector:
Healthcare / Dev Ops & Systems Audit

This engagement is ideal for a hands‑on Dev Ops or platform practitioner with audit, compliance, and regulated environment experience who can quickly assess maturity and advise on next steps toward secure, governed operations.

We're seeking an experienced Dev Ops Auditor to support a UK healthcare client with an audit of their CI/CD, infrastructure, and operational controls. This short engagement (approx. 7 days) will deliver a compliance‑ready assessment, gap analysis, and remediation roadmap, laying the foundation for a potential longer‑term 12‑month engagement to implement improvements.

• Review current‑state AWS Dev Ops practices across CI/CD pipelines, infrastructure‑as‑code (Terraform/Bicep), secrets management, and release/change controls.
• Capture and assess evidence such as pipeline logs, approvals, artefact integrity/signing, access controls, and configuration baselines.
• Validate security posture via SAST/DAST scans, dependency and licence reviews, container/image policies, and supply‑chain controls.
• Evaluate logging, monitoring, and observability practices.
• Map findings to compliance frameworks (e.g., ISO 27001, SOC 2, or NHS DSPT ...