דרושים Architect - Directory Pki Services ב-Applied Materials ב-United States, Austin

Key Responsibilities

• Design and implement scalable, secure AD and LDAP directory services for global enterprise environments.

• Integrate AD/LDAP and PKI with cloud identity platforms such as Azure AD, AWS IAM, and MFA solutions(e.g security key, passkey etc.).

• Perform regular maintenance, health checks, and performance tuning of AD, LDAP, and PKI systems.

• Ensure high availability and disaster recovery readiness for identity infrastructure.

• Troubleshoot complex issues including replication, authentication failures, and certificate errors.

• Architect and manage internal PKI infrastructure including CA, RA, CRL, OCSP, and HSM integrations.

• Define trust strategies and governance models for Certification Authorities (CAs).

• Develop and maintain Certificate Policy and Certificate Practice Statements (CP/CPS).

• Deploy and operate enterprise-grade PKI solutions including Microsoft ADCS and third-party platforms (e.g., DigiCert, Keyfactor, Venafi).

• Implement certificate lifecycle management (CLM) processes including issuance, renewal, revocation, and automation.

• Support application integrations for TLS/SSL, S/MIME, 802.1x, Smartcards, and Code Signing.

• Ensure secure key creation, storage, and usage aligned with cryptographic standards and compliance requirements.

• Develop automation scripts using PowerShell, Python, or Ansible for identity and certificate operations.

• Integrate PKI and credential management into CI/CD pipelines and DevSecOps workflows.

• Understanding of IAM solutions including SSO, MFA, and role-based access control.

• Work with federation protocols (SAML, OAuth, OpenID Connect) and tools like ADFS, Keycloak, PingFederate.

• Align identity and certificate services with ISO 27001, SOC 2, NIST, and GDPR frameworks.

• Support internal and external audits with documentation, logs, and remediation plans.

• Track and report service metrics, SLAs, KPIs, and KRIs for operational excellence.

• Collaborate with global teams including IAM, Infrastructure, Security, and Application owners.

• Provide excellent customer service to users and internal stakeholders.

• Contribute to change management and documentation using ITSM tools.

• Mentor team members and lead cross-functional technical initiatives.

Required Skills & Experience

• 5-7 years of experience in enterprise IT infrastructure with specialization in AD, LDAP, and PKI.

• Strong understanding of AD core concepts: FSMO roles, OU structure, GPOs, replication, RODCs, schema, and security.

• Hands-on experience with Microsoft ADCS and PKI components: Root CA, Issuing CA, OCSP, CRLs, SCEP/NDES.

• Experience with LDAP directories (OpenLDAP, Oracle Directory Services) and integration with enterprise systems.

• Proficiency in scripting (PowerShell, Python) and automation tools (Ansible, Terraform).

• Familiarity with certificate deployment across platforms: Windows, Linux/Unix, Apache, Tomcat, Java Keystore, F5, Azure Key Vault.

• Working knowledge of ITIL framework (Incident, Change, Problem Management).

• Prior experience with service management tools (e.g., ServiceNow, Remedy).

• Strong analytical and problem-solving skills with ability to resolve high-impact production incidents.

• Experience working with global teams and customers.

Additional Skills(Nice to have)

• Microsoft certifications (e.g., Azure cloud and security certifications).

• Experience with cloud-native identity platforms (HYPR, Azure AD, AWS IAM).

• Familiarity with PAM tools.

• Experience with containerized environments and Kubernetes certificate management.

• Understanding of cryptographic algorithms(symmetric/asymmetric),digital signatures, and key management.

• Interprets internal/external business challenges and recommends best practices to improve products, processes or services
  Has a good understanding of industry standard frameworks (NIST, CIS etc.)

Leadership

• May lead functional teams or projects with moderate resource requirements, risk, and/or complexity

• Identify and create use cases to further mature existing user entity behavior analytics (UEBA) solution. Primary focus is to identify IOCs leading up to data exfiltration scenarios and map existing or new log sources to specific IOC’s
• Monitor, detect, analyze, respond to Insider Threat alerts, and perform investigations as appropriate in accordance with incident response processes
• Identify, analyze, and make recommendations to address security gaps
• Enforce data loss prevention policies with preventive controls and tools
• Identify recurring incidents within the organization and determine the need to address security control gaps
• Analyze and make recommendations for enhancing AI security governance & controls
• Define, develop, and review performance indicators; analyze trends identified through reporting, and propose changes to Cybersecurity policies and procedures
• Participate in various Insider Threat assessments, drills, campaigns, and other processes
• Working knowledge in technical domains such as: DLP, networking, firewalls, change management, systems administration, cloud computing, and information security best practices
• Management and administration of Insider Threat tools
• Strong documentation skills with the ability to produce/maintain supporting procedures and processes
• Ability to work independently and collaboratively in a global environment
• Excellent written and verbal communication skills to communicate security and business risk to a broad range of technical and non-technical audiences

7+ years of insider risk experience

• Deploy, configure and lead operations multiple insider-threat technologies and appliances.
  Act as primary escalation support and consultancy for information security issues.
• Work across teams to develop and define project/program information security metrics & dashboards.
• Develop and maintain information security standards, procedures & guidelines and review/approve exceptions.
• Refine, configure and implement application roles, review and monitor access controls and process routine & emergency system access requests.
• Monitor events, collate and analyze data to assess the environment for information security risk, policy violations, & unusual activity and perform root cause analysis.
• Architect and implement new or updates to security solutions. Provide technical advice to clients and teams on design, installation and maintenance of information security.
• Evaluate on-premise & Cloud services to ensure information and personal information security. Work with the end users and project teams to design, implement and support information security best practices.
• Lead internal and external assessments and audits. Remediate identified issues and implement compensating controls. Assist with information security administration processes and practices violation investigations.
• Monitors and directs contingent workers in the delivery of project and support services. Evaluates contingent worker KPI's and provides timely updates to management. Responsible for approving contingent worker timesheets. Adheres to compliance processes and procedures

• Interprets internal/external business challenges and recommends best practices to improve products, processes or services
  Has a good understanding of industry standard frameworks (NIST, CIS etc.)

Leadership

• May lead functional teams or projects with moderate resource requirements, risk, and/or complexity

Problem Solving

• Leads others to solve complex problems; uses sophisticated analytical thought to exercise judgment and identify innovative solutions

Impact

• Impacts the achievement of customer, operational, project or service objectives; work is guided by functional policies

interpersonal Skills

• Communicates difficult concepts and negotiates with others to adopt a different point of view
  When required, act as a good mentor and train junior engineers appropriately

Key Responsibilities:

• Requires specialized depth and/or breadth of expertise in the Quality Domain , with demonstrated solution leadership experience in this area. Candidate should be highly skilled in SAP, with hands-on experience in S/4HANAimplementations

• Works independently, with guidance in only the most complex situations. May lead functional teams or projects.

• Serve as an interface with multiple sub-groups within a business unit or functional area such as Sales, Operations, Engineering, Service, and Finance for the purpose of business technology alignment, solution discovery, service management, project portfolio management, and relationship management.

• Architect and design complex business process/business application solutions to address cross-functional needs, and convert design to functional and technical specifications. Oversee software application configuration, prepare and execute testing (unit, integration, performance, acceptance), and data conversions. Identify and recommend industry best-known methods (BKMs) for integrated solution design and standards.

• Provide and/or oversee business application functional support services to meet customer performance, availability, service level agreements, and customer satisfaction targets. Oversee monitoring of specific IT systems or set of systems and tuning of such systems for availability and performance. Drive completion of root cause analysis and resolution of outages or incident trends, coordinating with infrastructure and technical teams, support providers, and application vendors. Drive implementation of corrective and preventative actions. Evaluate, recommend, and plan life cycle for patches, point releases, and major upgrades.

• Deliver project and support services within area of responsibility within allocated budget. Develop project budgets. Understand cost models and cost drivers for service(s) and recommend service area budgets and cost optimization activities. May be responsible for timely renewal of maintenance and subscription contracts.

• Ensure adherence to GIS project management, software application development, testing, service management, change management, RCA, and other relevant processes, standards, governance, and controls. May manage execution of SOX controls and testing, and support internal and external audits.

• Plan and manage medium to large-scale cross-functional projects to ensure effective and efficient execution in line with guardrails of scope, timeline, budget, and quality.

• Oversee/manage contingent workers performing services across multiple projects or service areas. Responsible for the selection, onboarding, and offboarding of contingent workers in a timely manner. Manage contingent worker project/task assignments and ensure work product quality. Approve contingent worker timesheets/costs.

Functional Knowledge:

• Demonstrates depth and/or breadth of expertise in own specialized discipline or field, particularly in SAP S/4HANA and Quality domain solution architecture .

Business Expertise:

• Interprets internal/external business challenges and recommends best practices to improve products, processes, or services.

Leadership:

• May lead functional teams or projects with moderate resource requirements, risk, and/or complexity.

Problem Solving:

• Leads others to solve complex problems; uses sophisticated analytical thought to exercise judgment and identify innovative solutions.

Impact:

• Impacts the achievement of customer, operational, project, or service objectives; work is guided by functional policies.

Interpersonal Skills:

• Communicates difficult concepts and negotiates with others to adopt a different point of view.

What We Offer

Job Summary

Key Responsibilities

• Design and maintain a robust, secure, and scalable data architecture aligned with enterprise and digital transformation strategies.

• Define conceptual, logical and physical data models for structured and unstructured data from enterprise systems to support research, metrology, labs, ERP, MES, finance, corporate, PLM, and IoT systems.

• Architect, and identify data and process standardization opportunities with data across labs, research, design tools, manufacturing facilities, supply chain systems, finance systems, manufacturing systems, ERP, PLM, home grown applications and external partners.

• Enable data governance practices for critical business data to ensure metadata management, master data consistency, lineage tracking, and compliance with SEMI and industry regulations.

• Partner with application and enterprise architecture teams with the adoption of modern cloud-based data platforms (e.g., Databricks, Azure) and big data technologies to support analytics, AI/ML use cases.

• Collaborate with data engineers, business analysts, data scientists, enterprise architects, domain SMEs, and operational teams to understand requirements and translate them into data architecture strategies.

• Establish data architecture frameworks, standards, and policies tailored to the semiconductor domain’s complexities and scale.

Qualifications

Education:

• Bachelor’s or Master’s degree in computer science, Information systems, or a related field.

Experience:

• 8–12 years of experience in enterprise data architecture, preferably within semiconductor, electronics, or manufacturing domains.

• Preferred experience with Semi industry-specific systems

• Knowledge of semiconductor processes, manufacturing, supply chain, and data-intensive engineering environments.

Technical Skills:

• Must have string expertise in data architecture and modeling (relational, NoSQL)

• Must be proficient in big data and modern data platforms: Databricks, Hadoop

• Understanding with ETL/ELT tools like Informatica or DataStage

• Experience with enterprise reporting tools, Tableau, PowerBI.

• Familiarity with SAP systems and integration strategies.

• Hands-on experience with data governance tools and frameworks. Ex: Informatica, Collibra, Alation

• Familiarity with cloud services (Azure, AWS, or GCP).

• Understanding of AI/ML data workflows

Soft Skills:

• Strong communication and stakeholder management across technical, business and project management teams

• Strategic thinker with hands-on technical execution ability.

• Strong analytical and problem-solving skills.

Preferred Qualifications

• TOGAF, DAMA, or other architecture/data management certifications.

• Certification in data governance, Informatica, Cloud, AI/ML or SAP data tools preferred.

Principle Responsibilities:

Technical Analysis, Design and Development: Analyze requirements and generate solutions to achieve objectives. Lead analysis to identify the best possible solution. Code maintainable, readable, extensible solutions and remediate identified securityvulnerabilities.

Technical Support: Identify and remediate the root causes of problems and incidents. Ensure support staff understand how software works so they can troubleshoot, test, document and train system changes.

Manage Business Relationships:Build working relationships with business owners sufficient to understand their vision, purposes and processes. Collaborate as needed to understand functional and non-functional requirements and priorities.

Qualifications/SkillsRequired:

• 10+ years of overall IT experience in software architecture, design, development, deployment and operations with 4 years of progressive and recent experience in SAP CPQ development, configuration, and integration.
• Hands-on experience in designing and developing IronPython scripts to customize and enhance standard SAP CPQ functionality.
• Hands-on experience with KnockoutJS to customize/build CPQ UI for tailored user experience
• Proficient in SAP CPQ configuration, workflows, APIs to integrate with SAP ECC/S4 and non-SAP systems & data platforms for analytics
• Experience with BTP CPS service for VC and pricing integration with SAP ECC/S4, developing pricing routines in Kyma
• Experience providing technical leadership for software development projects to plan and schedule larger efforts and provide work direction and guidance to others.
• Excellent communication skills to partner with Business & IT stakeholders on business needs and functional requirements, describe the value of proposed solutions to business owners, and keep stakeholders informed about development efforts and solutions being implemented.

• Relational database experience sufficient to write complex queries and scripts.
• Software testing skills sufficient to assure that products meet business needs before promotion to the test environment.
• Experience working in an agile, CI/CD environment with a geographically dispersed team.
• Bachelor’s/Master's degree in computer science or related field

OtherQualifications/Skills:

• SAP CPQ Implementation Certification (available pre-2023)
• Exposure to SAP CX suite of products will be an added advantage

Key strengths of this organization are people with rich industrial experience working with internal customers (business organization) to support IT requirements from requirements to the day-to-day support of Applied Materials engineering business groups globally.

Key roles and responsibilities

• Understanding the customer: This involves conducting continuous research to understand the customer's needs, preferences, and behaviors. This understanding can then be used to shape the business's solution offerings, strategic roadmap and development, and operations strategies.

• Soliciting and acting on customer feedback: This involves regularly gathering feedback from customers and using this feedback to improve the product and the overall customer experience.

• Customer Engagement Management: Negotiate with customers to design solutions to address complex cross functional needs. Identifies BKM’s for integrated solution design and standards; Keeps abreast of technologies in the market and preform technology evaluations, as required. Works with multiple vendors for high quality resources andcompetitiveness

• Define and Execute DevSecOps Strategy & Roadmap Lead the design, implementation, and maintenance of secure infrastructure, ensuring compliance with industry standards and regulations.

• Continuous Improvement: Stay up to date with the latest industry trends and advancements in DevSecOps technology. identify opportunities for optimization and enhancement. Collaborate with vendors, partners, and internal stakeholders to evaluate and implement new features, upgrades, and integrations.

• Plan and manage projects to ensure effective and efficient execution in line with established processes and guidelines and guardrails of scope, timeline, budget, and quality.

Additional Job Details

• Develop a continuous integration and continuous delivery pipeline.

• Continue to evaluate new technologies and update/develop standard practices.

• Design, lead and build an automated deployment toolset and infrastructure including environments, code management, CI and CD process.

• Help define and set best practices for code management, build, deploy and release across multiple teams/products in CI /CD model.

• Work closely with the software development team and other functional groups to develop and provide a robust, flexible, and scalable platform.

• Build, maintain, and scale infrastructure for Production, QA, and Dev environments, Write and maintain infrastructure documentation.

• Support the team in best practices for new service design and development.

• Develop automation to deploy instances quickly and rapidly from hardened images.

• Using monitoring tools to find problems, resolve and/or escalate to development and ensure that we exceed our SLAs.

• Build and manage development and testing environments, assisting developers in debugging application issues using tools.

• Participate in the building of tools and processes to support the infrastructure.

• Operate the platform within our security and privacy guidelines.

• Establish standards, solution, and security frameworks.

• Ability to conduct technical feasibility, design technical solution independently, recommend or suggest preferred technical solution.

• The holistic understanding of DevSecOps Principle and Practices Analyzing, executing, streamlining, and architecting overall, comprehensive, and efficient DevSecOps practices.

• Good understanding on Cloud native offerings and services Security aspects of application and infrastructure

Ideal Candidate

• As a strategic leader, you'll excel in making critical technical decisions, crafting roadmaps and vision that drive the success of ground-breaking projects in application to Software Projects

• Strong understanding of DevSecOps concepts, processes, and best practices.

• Excellent customer engagement and relationship management skills.

• Strong leadership and team management abilities.

• Solid troubleshooting and problem-solving skills.

• Strong communication and presentation skills.

• Ability to work collaboratively with cross-functional teams.

• Proactive and self-motivated with the ability to work independently.

Qualifications

• Proven experience at guiding teams through the orchestration of large, high-impact projects, building large scale distributed systems.

• Proven experience in guiding Software organizations with most significant technical and product challenges.

• Bachelor’s +15 years or master’s +10 years or PhD +10 years or equivalent experience.

• 5-10 years of industrial experience

• 5-10 years of leadership roles related experience