CES has 26+ years of experience in delivering Software Product Development, Quality Engineering, and Digital Transformation Consulting Services to Global SMEs & Large Enterprises. CES has been delivering services to some of the leading Fortune 500 Companies including Automotive, AgTech, Bio Science, EdTech, FinTech, Manufacturing, Online Retailers, and Investment Banks. These are long-term relationships of more than 10 years and are nurtured by not only our commitment to timely delivery of quality services but also due to our investments and innovations in their technology roadmap. As an organization, we are in an exponential growth phase with a consistent focus on continuous improvement, process-oriented culture, and a true partnership mindset with our customers. We are looking for the right qualified and committed individuals to play an exceptional role as well as to support our accelerated growth.
You can learn more about us at: http://www.cesltd.com/
Role Summary:
We are looking for a Associate Technical Architect - Cloud Devops.
Roles & Responsibilities:
The goal of this project is to automate account provisioning through AWS Control Tower, while ensuring existing accounts can be safely transitioned under Control Tower management. The implementation will focus on establishing security baselines and maintaining business continuity.
Engagement Objectives:
Build a Control Tower Landing Zone using an existing or a new AWS Organization, with emphasis on following:
• Deploy AWS Control Tower with automated account provisioning capabilities
• Implement security baseline and governance controls across organization
• Move existing accounts under Control Tower management
Engagement Deliverables
A well-architected multi-account environment Landing Zone environment with:
• Standardized and secure account provisioning process within AWS Control Tower
• Centralized governance and security controls across all AWS accounts
• Streamlined account management through automated Account Factory customizations
Account Provisioning :
• Automated account creation through Account Factory
• Consistent security and compliance baselines
• Standardized account configuration through CfCT Networking
• Fully functional LZ network setup with routes defined for AWS Cross-Account and Cross-Region connectivity integrated with existing VPN connections
• DNS name resolution integration including resolving Internet, Internal, and Cloud hosted DNS Zones
• Integration of the current AWS account into the new Control Tower managed environment
Security:
• Centralized security monitoring and logging across all accounts
• Automated security service enablement (GuardDuty, SecurityHub, CloudTrail)
• Standardized IAM baseline and password policies
• Cross-account access controls and role management Governance
• Implemented preventive and detective guardrails
• Enable customer for monitoring and governing organizational Security and compliance controls
• Standardized resource configuration policies
• Enable cost governance for sandbox accounts
• Centralized logging of CloudTrail and VPC Flow Logs
• Documented design, architecture diagrams, run books and CloudFormation template
Activities to perform:
- Conduct detailed landing zone assessment and gap analysis
- Design Control Tower architecture and customization plan
Implement Control Tower in existing or new AWS organization
- Configure and customize Account Factory for automated provisioning
- Develop and deploy security baseline using Customizations for Control Tower
- Create migration strategy for existing AWS accounts
- Execute phased migration of accounts to Control Tower management
- Perform testing and validation of Control Tower environment
- Provide knowledge transfer and operational guidance to operations team.
Why CES :
Flexible working hours to create a work-life balance.
Opportunity to work on advanced tools and technologies.
Global exposure to not only collaborate with the team, but also to connect with the client portfolio and build professional relationships.
Highly encouraged for any innovative ideas & thoughts and we support in executing the same.
Periodical and on-spot rewards and recognitions on your performance.
Provides a better platform for enhancing skills via many different L&D programs.
Enabling and empowering atmosphere to work along.