Enable job alerts via email!
DevOps Auditor
Interact Consulting Ltd
Greater London
Hybrid
GBP 80,000 - 100,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A consulting firm is seeking a DevOps Auditor to conduct audits for a UK healthcare client. The role is fully remote and requires assessing current AWS DevOps practices, compliance mapping to frameworks like ISO 27001, and delivering comprehensive audit reports. The ideal candidate should have hands-on experience with audit and compliance in a regulated environment. This position offers competitive day rates ranging from £475 to £525 and is initially for 7 days with potential extension.
Qualifications
- Hands-on experience in DevOps practices.
- Experience in audit and compliance within regulated environments.
- Ability to assess maturity and advise on improvements.
Responsibilities
- Review AWS DevOps practices across CI/CD pipelines.
- Capture and assess evidence of compliance.
- Validate security posture via scans and reviews.
- Produce a comprehensive gap analysis and risk register.
- Define minimum DevOps guardrails for future delivery.
Skills
Location: London, Remote
Category: Contract Jobs
Salary: 475-525pd + Remote Working
Ref: JT/JC/6004
Contact Name: James Clarke
Telephone: 01908 752385
Inside IR35 | DevOps Auditor (Audit Phase) Duration: Initial 7 days (potential extension up to 12 months) Day Rate: £475-£525 (Inside IR35) Location: Fully remote (UK-based contractors only) Sector: Healthcare / DevOps & Systems Audit
This engagement is ideal for a hands-on DevOps or platform practitioner with audit, compliance, and regulated environment experience who can quickly assess maturity and advise on next steps toward secure, governed operations.
We're seeking an experienced DevOps Auditor to support a UK healthcare client with an audit of their CI/CD, infrastructure, and operational controls. This short engagement (approx. 7 days) will deliver a compliance‑ready assessment, gap analysis, and remediation roadmap, laying the foundation for a potential longer-term 12‑month engagement to implement improvements.
Key Responsibilities
- Review current‑state AWS DevOps practices across CI/CD pipelines, infrastructure‑as‑code (Terraform/Bicep), secrets management, and release/change controls.
- Capture and assess evidence such as pipeline logs, approvals, artefact integrity/signing, access controls, and configuration baselines.
- Validate security posture via SAST/DAST scans, dependency and licence reviews, container/image policies, and supply‑chain controls.
- Evaluate logging, monitoring, and observability practices.
- Map findings to compliance frameworks (e.g., ISO 27001, SOC 2, or NHS DSPT where applicable).
- Produce a comprehensive gap analysis, risk register (with severity and likelihood ratings), and prioritised remediation backlog.
- Define minimum DevOps guardrails for the next delivery phase (e.g., mandatory checks, branch protection, promotion criteria).
Deliverables (by end of audit)
- DevOps Audit Report (executive summary + detailed findings).
- Compliance mapping (ISO 27001 Annex A / SOC 2 trust principles) with gap list.
- Risk register including mitigations, effort, and impact estimates.
- Prioritised remediation backlog and proposed guardrails for Phase 2.
- RACI for change/release management and access review summary.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
