Sr. Identity Architect

KLA, Milpitas, CA

About The Position

KLA is a global leader in diversified electronics for the semiconductor manufacturing ecosystem. Virtually every electronic device in the world is produced using our technologies. No laptop, smartphone, wearable device, voice-controlled gadget, flexible screen, VR device or smart car would have made it into your hands without us. KLA invents systems and solutions for the manufacturing of wafers and reticles, integrated circuits, packaging, printed circuit boards and flat panel displays. The innovative ideas and devices that are advancing humanity all begin with inspiration, research and development. KLA focuses more than average on innovation and we invest 15% of sales back into R&D. Our expert teams of physicists, engineers, data scientists and problem-solvers work together with the world’s leading technology providers to accelerate the delivery of tomorrow’s electronic devices. Life here is exciting and our teams thrive on tackling really hard problems. There is never a dull moment with us.

The Information Technology (IT) group at KLA is involved in every aspect of the global business. IT’s mission is to enable business growth and productivity by connecting people, process, and technology. It focuses not only on enhancing the technology that enables our business to thrive but also on how employees use and are empowered by technology. This integrated approach to customer service, creativity and technological excellence enables employee productivity, business analytics, and process excellence.

We are seeking a highly experienced Senior Identity Architect to lead the design and modernization of enterprise identity security across on‑prem and cloud environments. This role provides deep technical expertise and strategic direction across Identity & Access Management (IAM), Identity Governance & Administration (IGA), Privileged Identity Management (PIM), Single Sign-On (SSO), Cloud Identity, Active Directory, and Entra ID (Azure AD). As a senior architect, you will define enterprise identity architecture, drive Zero Trust initiatives, and collaborate with cross‑functional teams to implement scalable, secure, and compliant identity solutions.

Requirements

  • Minimum eight (8) years of proven experience in large enterprise companies.
  • Minimum five (5) years of proven experience architecting and designing enterprise-grade solutions.
  • Hands-on experience in IAM systems like Ping, Okta, or Azure Entra ID.
  • Experience working with IGA tools like SailPoint, Saviynt, etc., and PIM tools like CyberArk, BeyondTrust, etc.
  • Experience with multi‑cloud identity (AWS, GCP).
  • Experience driving large-scale identity modernization or cloud transformation programs.
  • Knowledge of regulatory frameworks like SOX, HIPAA, PCI, ISO 27001, or NIST.

Nice To Haves

  • Certifications in identity and security areas are a huge plus.

Responsibilities

  • Develop and maintain the enterprise identity architecture blueprint across IAM, IGA, SSO, PIM, and cloud identity services.
  • Establish identity standards, patterns, and reference architectures for on-premises and cloud environments.
  • Define and drive Zero Trust identity strategy, modern authentication roadmap, and identity lifecycle transformation.
  • Assess identity risk posture and recommend controls aligned with business and compliance requirements.
  • Architect and implement identity lifecycle and governance solutions including role modeling, access certification, and automated provisioning/deprovisioning.
  • Integrate IGA platforms with HR systems, AD/Entra ID, cloud applications, and SaaS platforms.
  • Define RBAC/ABAC frameworks and enforce least privilege across the enterprise.
  • Design and oversee PIM and privileged access architectures including just‑in-time access, privileged session management, and secure admin tiering.
  • Align privileged access models across AD, Entra ID, cloud workloads, servers, databases, and network systems.
  • Provide architectural oversight for privileged access tools and secure credential management.
  • Architect SSO integrations using SAML, OAuth, OIDC, WS‑Fed, and modern authentication protocols.
  • Define centralized authentication patterns for cloud and on‑prem applications.
  • Implement effective MFA, Conditional Access, and continuous authentication strategies.
  • Provide architecture direction for Active Directory tiers, domain services, Group Policy structure, and identity security hardening.
  • Lead hybrid identity design involving Entra ID, AAD Connect, federation, and modern authentication migration.
  • Optimize identity infrastructure for scalability, resilience, and security.
  • Architect cloud identity solutions across Azure, multicloud, and SaaS platforms.
  • Guide modern identity adoption including passwordless, FIDO2, device identity, workload identity, and identity segmentation.
  • Integrate cloud identity controls into enterprise identity governance and access workflows.
  • Act as the senior subject matter expert (SME) for identity architecture across security, cloud, application, and infrastructure teams.
  • Lead evaluation and adoption of new IAM, IGA, SSO, and PIM technologies.
  • Provide architecture governance, design reviews, and mentorship to engineering teams.
  • Partner with compliance and risk teams to support audits, certification processes, and regulatory reporting.

Benefits

  • KLA’s total rewards package for employees may also include participation in performance incentive programs and eligibility for additional benefits including but not limited to: medical, dental, vision, life, and other voluntary benefits, 401(K) including company matching, employee stock purchase program (ESPP), student debt assistance, tuition reimbursement program, development and career growth opportunities and programs, financial planning benefits, wellness benefits including an employee assistance program (EAP), paid time off and paid company holidays, and family care and bonding leave.