Develop and maintain the enterprise identity architecture blueprint across IAM, IGA, SSO, PIM, and cloud identity services.
Establish identity standards, patterns, and reference architectures for on-premises and cloud environments.
Define and drive Zero Trust identity strategy, modern authentication roadmap, and identity lifecycle transformation.
Assess identity risk posture and recommend controls aligned with business and compliance requirements.
Architect and implement identity lifecycle and governance solutions including role modeling, access certification, and automated provisioning/deprovisioning.
Integrate IGA platforms with HR systems, AD/Entra ID, cloud applications, and SaaS platforms.
Define RBAC/ABAC frameworks and enforce least privilege across the enterprise.
Design and oversee PIM and privileged access architectures including just‑in‑time access, privileged session management, and secure admin tiering.
Align privileged access models across AD, Entra ID, cloud workloads, servers, databases, and network systems.
Provide architectural oversight for privileged access tools and secure credential management.Architect SSO integrations using SAML, OAuth, OIDC, WS‑Fed, and modern authentication protocols.
Define centralized authentication patterns for cloud and on‑prem applications.
Implement effective MFA, Conditional Access, and continuous authentication strategies.
Provide architecture direction for Active Directory tiers, domain services, Group Policy structure, and identity security hardening.
Lead hybrid identity design involving Entra ID, AAD Connect, federation, and modern authentication migration.
Optimize identity infrastructure for scalability, resilience, and security.
Architect cloud identity solutions across Azure, multicloud, and SaaS platforms.
Guide modern identity adoption including passwordless, FIDO2, device identity, workload identity, and identity segmentation.
Integrate cloud identity controls into enterprise identity governance and access workflows.
Act as the senior subject matter expert (SME) for identity architecture across security, cloud, application, and infrastructure teams.
Lead evaluation and adoption of new IAM, IGA, SSO, and PIM technologies.
Provide architecture governance, design reviews, and mentorship to engineering teams.
Partner with compliance and risk teams to support audits, certification processes, and regulatory reporting.
Requirements
Minimum eight (8) years of proven experience in large enterprise companies.
Minimum five (5) years of proven experience architecting and designing enterprise grade solutions.
Hands on experience in IAM systems like Ping or Okta or Azure EntraID.
Benefits
Vision insurancePaid time offFlexible schedule
Additional Information
Company Overview
KLA is a global leader in diversified electronics for the semiconductor manufacturing ecosystem. Virtually every electronic device in the world is produced using our technologies. No laptop, smartphone, wearable device, voice-controlled gadget, flexible screen, VR device or smart car would have made it into your hands without us. KLA invents systems and solutions for the manufacturing of wafers and reticles, integrated circuits, packaging, printed circuit boards and flat panel displays. The innovative ideas and devices that are advancing humanity all begin with inspiration, research and development. KLA focuses more than average on innovation and we invest 15% of sales back into R&D. Our expert teams of physicists, engineers, data scientists and problem-solvers work together with the world's leading technology providers to accelerate the delivery of tomorrow's electronic devices. Life here is exciting and our teams thrive on tackling really hard problems. There is never a dull moment with us.
Group/Division
The Information Technology (IT) group at KLA is involved in every aspect of the global business. IT's mission is to enable business growth and productivity by connecting people, process, and technology. It focuses not only on enhancing the technology that enables our business to thrive but also on how employees use and are empowered by technology. This integrated approach to customer service, creativity and technological excellence enables employee productivity, business analytics, and process excellence.
Job Description/Preferred Qualifications
We are seeking a highly experienced Sr. Enterprise Identity Architect to lead the design and modernization of enterprise identity security across on‑prem and cloud environments. This role provides deep technical expertise and strategic direction across Identity & Access Management (IAM), Identity Governance & Administration (IGA), Privileged Identity Management (PIM), Single Sign-On (SSO), Cloud Identity, Active Directory, and Entra ID (Azure AD).
As a senior architect, you will define enterprise identity architecture, drive Zero Trust initiatives, and collaborate with cross‑functional teams to implement scalable, secure, and compliant identity solutions.
Kla · Milpitas, CA