Artech LLC

Compensation

Full Description

Role : Senior AWS Cloud Security Solution Architect – IAM, SCP Governance & Terraform Automation Location : Alpharetta ,GA (Onsite) Duration: 6 Months ROLE_DESCRIPTION : • Must have 7+ years of Experience in Amazon Web Service(AWS) Cloud Computing. • Must have 7+ years of Experience in Cloud Computing (General). • Must have Experience in SAP Cloud Architecture. • Assessment Roadmap Development Lead discovery and assessment of current AWS accounts, IAM roles, SCPs, and Terraform modules. • Identify security gaps and develop a phased implementation roadmap in collaboration with stakeholders. • Security Policy Control Design Design and validate Service Control Policies (SCPs) to enforce least privilege, root user lockdown, and IP whitelisting. • Ensure policies are tested in non-production environments before rollout. • IAM Role Management Audit and refactor IAM roles to eliminate over-permissioning, deprecate shared roles, and implement least-privilege, function-specific access with clear permission boundaries. • Break-Glass Access Develop and document secure, auditable break-glass access procedures, including MFA enforcement, time-bound access, and approval workflows. • Infrastructure as Code (IaC) Review and update Terraform modules to ensure secure-by-default configurations, including encryption, tagging, and logging. • Oversee peer reviews and validation in staging environments. • Testing Validation Lead functional and negative testing of IAM and SCP changes, ensuring compliance with security benchmarks and operational requirements. • Production Rollout Documentation Oversee deployment of validated controls and modules to production, monitor for anomalies, and ensure comprehensive documentation and knowledge transfer. Overview • The Solution Architect is responsible for designing, implementing, and overseeing cloud security and compliance solutions for AWS environments supporting E-Trade operations. This role ensures alignment with Brokerage’s security policies, industry standards, and regulatory requirements, while driving technical excellence and operational efficiency. Key Responsibilities: • Assessment & Roadmap Development: Lead discovery and assessment of current AWS accounts, IAM roles, SCPs, and Terraform modules. Identify security gaps and develop a phased implementation roadmap in collaboration with stakeholders. • Security Policy & Control Design: Design and validate Service Control Policies (SCPs) to enforce least privilege, root user lockdown, and IP whitelisting. Ensure policies are tested in non-production environments before rollout. • IAM Role Management: Audit and refactor IAM roles to eliminate over-permissioning, deprecate shared roles, and implement least-privilege, function-specific access with clear permission boundaries. • Break-Glass Access: Develop and document secure, auditable break-glass access procedures, including MFA enforcement, time-bound access, and approval workflows. • Infrastructure as Code (IaC): Review and update Terraform modules to ensure secure-by-default configurations, including encryption, tagging, and logging. Oversee peer reviews and validation in staging environments. • Testing & Validation: Lead functional and negative testing of IAM and SCP changes, ensuring compliance with security benchmarks and operational requirements. • Production Rollout & Documentation: Oversee deployment of validated controls and modules to production, monitor for anomalies, and ensure comprehensive documentation and knowledge transfer. Required Skills & Experience: Cloud Security & Compliance: • Deep expertise in AWS security controls, IAM, SCPs, and compliance frameworks relevant to financial services. Solution Design: • Proven ability to design scalable, secure architectures and translate business requirements into technical solutions. Technical Leadership: • Experience leading cross-functional teams, conducting stakeholder workshops, and presenting architectural decisions to both technical and non-technical audiences. DevOps & Automation: • Hands-on experience with Terraform, CI/CD pipelines, and automation of cloud infrastructure. Communication: • Strong documentation, presentation, and stakeholder management skills. Qualifications • Bachelor’s or Master’s degree in Computer Science, Engineering, or related field. • Relevant certifications (e.g., AWS Certified Solutions Architect, TOGAF, CISSP) are highly desirable. • 10+ years of experience in IT, with at least 5 years in cloud architecture and security roles. • Applicants must be able to work directly for Artech on W2. For immediate consideration please click APPLY to begin the screening process with Alex. About the Company: Artech LLC