LiveMindz
Sr. AWS Cloud Security Architect Only W2 required
LiveMindz, Dallas, Texas, United States, 75215
Job Description

AWS Control Tower
- Provision the AWS Control Tower service.
- Configure the landing zone, including creating and managing organizational units (OUs), accounts, and guardrails.
- Set up identity management with AWS IAM or integrate with external identity providers (such as AWS SSO or Active Directory).
- Manage cross-account roles and permissions for centralized logging and auditing.
- Oversee the lifecycle of Control Tower components (guardrails, blueprints, etc.).

AWS Organization and Landing Zone Architect
- Enable AWS Organizations to organize accounts into Organizational Units (OUs) and apply policies.
- Manage organization structure to separate workloads (e.g., production vs. development).
- Centralized billing and account management.
- Define and configure the landing zone architecture.
- Ensure proper integration with foundational AWS services (VPC, subnets, and security configurations).
- Establish guardrails, controls, and best practices across accounts.
- Manage lifecycle policies for organizational accounts and workload-specific accounts.

AWS Network and Security
- Design and implement VPC, subnet structures, and routing between accounts.
- Configure AWS Transit Gateway for multi-account, multi-VPC connectivity.
- Ensure security groups, NACLs, and firewall policies align with organizational requirements.
- Set up interconnectivity to on-premises environments (Direct Connect, VPN).
- Implement AWS Security Hub, AWS GuardDuty, and other security services for continuous monitoring.
- Configure identity and access management policies for least-privilege access.
- Oversee centralized logging and auditing with services like AWS CloudTrail and AWS Config.

AWS Compliance
- Define compliance guardrails and enable the appropriate AWS services (AWS Config, AWS CloudTrail).
- Monitor compliance with regional or industry-specific regulations (e.g., GDPR, HIPAA).
- Implement continuous compliance checks using AWS Audit Manager or custom solutions.
- Review AWS Control Tower logs for adherence to policies.

AWS Self Services
- Provide Self Service for resource provisioning