How would you design and implement infrastructure as code (IaC) while adhering to strict security compliance guidelines for Federal Reserve System?