Lead IT Security Architect-Office 365

Company Overview

KLA is a global leader in diversified electronics for the semiconductor manufacturing ecosystem. Virtually every electronic device in the world is produced using our technologies. No laptop smartphone wearable device voice-controlled gadget flexible screen VR device or smart car would have made it into your hands without us. KLA invents systems and solutions for the manufacturing of wafers and reticles integrated circuits packaging printed circuit boards and flat panel displays. The innovative ideas and devices that are advancing humanity all begin with inspiration research and development. KLA focuses more than average on innovation and we invest 15% of sales back into R&D. Our expert teams of physicists engineers data scientists and problem-solvers work together with the worlds leading technology providers to accelerate the delivery of tomorrows electronic devices. Life here is exciting and our teams thrive on tackling really hard problems. There is never a dull moment with us.

Group/Division

The Information Technology (IT) group at KLA is involved in every aspect of the global business. ITs mission is to enable business growth and productivity by connecting people process and technology. It focuses not only on enhancing the technology that enables our business to thrive but also on how employees use and are empowered by technology. This integrated approach to customer service creativity and technological excellence enables employee productivity business analytics and process excellence.

Job Description/Preferred Qualifications

We are seeking a hands-on Microsoft Office 365 Security Lead who will act as both the strategic owner and technical subject matter expert (SME) for Microsoft 365 security. This role is responsible for partnering and executing the security roadmap driving operational efficiencies and configuring and optimizing security controls across the Microsoft 365 ecosystem.
The ideal candidate is equally comfortable setting the operational strategy translating cybersecurity requirements into real enforceable Microsoft 365 configurations and serving as the go-to authority for Office 365 security across the enterprise.

Microsoft 365 Security Ownership & SME Role

• Serve as the primary SME and architect for Microsoft Office 365 security across the enterprise

• Drive the operational excellence for Microsoft 365 security platform including managing prioritizations collaborating on design decisions and phased execution

• Stay hands-on with tenant configuration policy tuning feature rollouts and troubleshooting

• Act as the escalation point for complex Microsoft 365 security issues and design decisions

Infrastructure Operation Security

• Design implement and maintain security controls across: Exchange Online (email and messaging security) Intune OneDrive and Teams

• Configure and optimize: Conditional Access policies Identity Protection Tenant restrictions External collaboration controls

• Partner with key stakeholders to drive the implementation of Zero Trust principles across identity devices applications endpoints and data.

• Continuously evaluate and improve security based on threats telemetry and Microsoft best practices.

• Knowledge of Microsoft Purview Data Loss Prevention (DLP) Sensitivity labels and encryption Digital Rights Management (DRM) Active Directory Rights Management Services (ADRMS)

• Evaluate emerging Microsoft security features and technologies integrating them into the roadmap where appropriate

• Understand and apply AI security fundamentals data protection and access controls across the enterprise.

• Drive improvements in Email and phishing protection Threat detection and investigation Automated and manual response workflows

Cross-Functional Leadership & Influence

• Serve as the Microsoft 365 security partner to the Cybersecurity organization

• Lead and influence cross-functional dotted-line teams across infrastructure identity applications and compliance

• Work effectively in a multinational environment across multiple time zones and cultures

• Communicate security decisions risks and trade-offs clearly to technical and non-technical stakeholders

• Partners with Cybersecurity Legal Privacy and Compliance teams to translate policy into enforceable technical controls

Minimum Qualifications

Doctorate (Academic) Degree and related work experience of 3 years; Masters Level Degree and related work experience of 6 years; Bachelors Level Degree and related work experience of 8 years.

Core Technical Expertise

• Experience working in large multinational enterprises of 10000 users

• Deep hands-on experience with the Microsoft 365 security ecosystem

• Strong expertise in: Microsoft Defender Microsoft Purview. eMail Data Loss Prevention (DLP) Microsoft sensitive data protection Conditional Access DRM and ADRMS

• Strong understanding of: Zero Trust security architecture Messaging and email security Threat response and incident handling and Data governance frameworks

• Proven experience as a hands-on architect who can drive roadmaps and operational efficiencies

• Strong collaboration skills across infrastructure application and cybersecurity teams

• Demonstrated ability to lead without direct authority (dotted-line teams)

• Excellent communication and stakeholder management skills

Preferred Qualifications

• Microsoft Security certifications (SC-100 SC-200 SC-300 SC-400)

• Experience with M&A integrations from a Microsoft 365 security perspective

• Experience aligning Microsoft 365 security to enterprise compliance frameworks (NIST ISO SOC GDPR)

• Managerial experience in leading Microsoft 365 and collaboration teams.

• Experience securing multi-cloud environments (Azure AWS GCP etc.)

Base Pay Range: $111100.00 - $188900.00 Annually

Primary Location: USA-MI-Ann Arbor-KLA

KLAs total rewards package for employees may also include participation in performance incentive programs and eligibility for additional benefits including but not limited to: medical dental vision life and other voluntary benefits 401(K) including company matching employee stock purchase program (ESPP) student debt assistance tuition reimbursement program development and career growth opportunities and programs financial planning benefits wellness benefits including an employee assistance program (EAP) paid time off and paid company holidays and family care and bonding leave.

Interns are eligible for some of the benefits listed. Our pay ranges are determined by role level and location. The range displayed reflects the pay for this position in the primary location identified in this posting. Actual pay depends on several factors including state minimum pay wage rates location job-related skills experience and relevant education level or training. We are committed to complying with all applicable federal and state minimum wage requirements where applicable. If applicable your recruiter can share more about the specific pay range for your preferred location during the hiring process.

KLA is proud to be an Equal Opportunity Employer. We will ensure that qualified individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process to perform essential job functions and to receive other benefits and privileges of employment. Please contact us at or at 1- to request accommodation.

Be aware of potentially fraudulent job postings or suspicious recruiting activity by persons that are currently posing as KLA employees. KLA never asks for any financial compensation to be considered for an interview to become an employee or for equipment. Further KLA does not work with any recruiters or third parties who charge such fees either directly or on behalf of KLA. Please ensure that you have searched KLAs Careers website for legitimate job postings. KLA follows a recruiting process that involves multiple interviews in person or on video conferencing with our hiring managers. If you are concerned that a communication an interview an offer of employment or that an employee is not legitimate please send an email to to confirm the person you are communicating with is an employee. We take your privacy very seriously and confidentially handle your information.