diff --git a/.github/actions/orchestrator-cache/action.yml b/.github/actions/orchestrator-cache/action.yml
new file mode 100644
index 00000000000..a104d7cc0f3
--- /dev/null
+++ b/.github/actions/orchestrator-cache/action.yml
@@ -0,0 +1,32 @@
+name: Setup Orchestrator Cache
+description: Sets up orchestrator cache
+
+inputs:
+  sq-version:
+    description: 'SonarQube version. If DEV, cache will be disabled.'
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: Set Orchestrator Cache Variables
+      shell: bash
+      run: |
+        # year-week
+        CACHE_KEY=$(date +'%Y-%U')
+        echo "ORCHESTRATOR_CACHE_KEY=$CACHE_KEY" >> $GITHUB_ENV
+        echo "ORCHESTRATOR_HOME=${{ github.workspace }}/orchestrator" >> $GITHUB_ENV
+
+    - name: Cache Orchestrator
+      if: inputs.sq-version != 'DEV'
+      uses: SonarSource/gh-action_cache@v1
+      with:
+        path: ${{ env.ORCHESTRATOR_HOME }}
+        key: orchestrator-${{ inputs.sq-version }}-${{ env.ORCHESTRATOR_CACHE_KEY }}-${{ github.run_id }}
+        restore-keys: orchestrator-${{ inputs.sq-version }}-${{ env.ORCHESTRATOR_CACHE_KEY }}-
+
+    - name: Setup Orchestrator Home Directory
+      shell: bash
+      run: |
+        mkdir -p "$ORCHESTRATOR_HOME"
+        ls -lRh "$ORCHESTRATOR_HOME"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 5cc722b6507..08b48e4c704 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -56,10 +56,10 @@ jobs:
       fail-fast: false
       matrix:
         item:
-          - { runner: github-ubuntu-latest-m, profile: without-sonarqube-project }
-          - { runner: github-ubuntu-latest-m, profile: only-sonarqube-project }
-          - { runner: github-windows-latest-m, profile: without-sonarqube-project }
-          - { runner: github-windows-latest-m, profile: only-sonarqube-project }
+          - { runner: github-ubuntu-latest-m, profile: without-sonarqube-project, sq_version: LATEST_RELEASE }
+          - { runner: github-ubuntu-latest-m, profile: only-sonarqube-project, sq_version: LATEST_RELEASE }
+          - { runner: github-windows-latest-m, profile: without-sonarqube-project, sq_version: LATEST_RELEASE }
+          - { runner: github-windows-latest-m, profile: only-sonarqube-project, sq_version: LATEST_RELEASE }
     name: Ruling QA
     needs:
       - build
@@ -91,6 +91,10 @@ jobs:
         with:
           secrets: |
             development/github/token/licenses-ro token | GITHUB_TOKEN;
+      - name: Orchestrator Cache
+        uses: ./.github/actions/orchestrator-cache
+        with:
+          sq-version: ${{ matrix.item.sq_version }}
       - name: Run ruling tests
         shell: bash # Set explicitly so Bash is used on Windows runners too.
         env:
@@ -98,7 +102,7 @@ jobs:
           GITHUB_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }}
         run: |
           cd its/ruling
-          mvn package ${MAVEN_OUTPUT_ARGS} "-Pit-ruling,${{ matrix.item.profile }}" -Dsonar.runtimeVersion=LATEST_RELEASE -Dmaven.test.redirectTestOutputToFile=false -Dparallel=methods -DuseUnlimitedThreads=true
+          mvn package ${MAVEN_OUTPUT_ARGS} "-Pit-ruling,${{ matrix.item.profile }}" -Dsonar.runtimeVersion=${{ matrix.item.sq_version }} -Dmaven.test.redirectTestOutputToFile=false -Dparallel=methods -DuseUnlimitedThreads=true
       - name: Upload Actual Results On Failure
         if: failure()
         uses: ./.github/actions/upload-actual
@@ -148,6 +152,10 @@ jobs:
         with:
           secrets: |
             development/github/token/licenses-ro token | GITHUB_TOKEN;
+      - name: Orchestrator Cache
+        uses: ./.github/actions/orchestrator-cache
+        with:
+          sq-version: ${{ matrix.item.sq_version }}
       - name: Plugin QA
         env:
           GITHUB_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }}
diff --git a/.github/workflows/cleanup-cache.yml b/.github/workflows/cleanup-cache.yml
new file mode 100644
index 00000000000..977172bc054
--- /dev/null
+++ b/.github/workflows/cleanup-cache.yml
@@ -0,0 +1,33 @@
+name: Cleanup S3 Cache
+
+on:
+  workflow_dispatch:
+    inputs:
+      branch:
+        description: "Branch name (e.g., 'feature/my-branch'). Leave empty to list all entries."
+        required: false
+        type: string
+        default: ""
+      key:
+        description: "Cache key prefix (e.g., 'sccache-Linux-')"
+        required: false
+        type: string
+        default: ""
+      dry-run:
+        description: "Preview deletions without executing them"
+        required: false
+        type: boolean
+        default: true
+
+jobs:
+  cleanup:
+    runs-on: github-ubuntu-latest-s
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - uses: SonarSource/gh-action_cache/cleanup@v1
+        with:
+          branch: ${{ inputs.branch }}
+          key: ${{ inputs.key }}
+          dry-run: ${{ inputs.dry-run }}