Product Lead - IAM Privileged Access & Non-Human Identity Management

About this Job : Mondelez International is hiring aSenior Manager – IAM Platform Lead (Privileged Access & Non-Human Identity Security)

Locations - Fully remote within the United States

Role Overview:

We are seeking aSenior Manager – IAM Platform Lead (Privileged Access & Non-Human Identity Security)to lead the strategy, engineering, and lifecycle management of enterprise privileged access and machine identity security platforms within our global Identity and Access Management (IAM) organization.

Operating within aproduct operating model, this role owns thePrivileged Access Management (PAM) and Non-Human Identity (NHI) security platforms end-to-end, including strategy, roadmap, architecture, engineering delivery, resilience, governance, and security posture management.

Success in this role requires deepexpertiseinCyberArk platform architecture, privileged identity governance, credential vaulting, session monitoring, secrets management, and modern identity security models such as just-in-time access and automated machine identity governance.

Key Responsibilities

Leadership – IAM Policy, Strategy & Roadmap

• Own the strategic direction and roadmap for enterprisePAM and NHI platforms,aligned with enterprise Zero Trust, identity security, and cyber defense initiatives.

• Drive adoption of PAM and NHI capabilities across infrastructure, applications, cloud platforms, and DevOps environments.

• Manage platform backlog, engineering priorities, and delivery outcomes within the product operating model and agile delivery framework.

Privileged Access Management Platform Engineering Leadership

• Lead engineering and operational oversight of the enterprise CyberArk PAM platform.

• Implement modern privileged access controls including least privilege, just-in-time privilege elevation, and privileged session monitoring.

• Oversee lifecycle management of the PAM platform including platform upgrades, security patching, monitoring, and disaster recovery capabilities.

Privileged Identity Governance & Privilege Definition

• Define enterprise standards for privileged role definitions, privilege boundaries, and administrative access models.

• Eliminateshared credentials, unmanaged administrative accounts,and standingprivileged access.

• Support periodic privileged access reviews and certifications in collaboration with Identity Governance and Internal Audit teams

Non-Human Identity (NHI) Security & Governance

• Establish governance frameworks for non-human identities including service accounts, application identities, API credentials, workload identities, and automation accounts.

• Secure machine identities used in automation frameworks, DevOps pipelines, and application integrations.

• Implement automated credential rotation andsecretsgovernance for non-human identities.

Privileged Access Discovery & Attack Surface Reduction

• Identifyand onboard unmanaged privileged accounts and credentials across infrastructure, applications, and cloud environments.

• Implement automated discovery and onboarding of privileged identities into the CyberArk platform.

• Continuously improve visibility of privileged accounts, service identities, and administrative access pathways.

Cloud Integrations, Hybrid Infrastructure & DevOps Enablement

• Extend privileged and machine identity security across hybrid environments includingon-premiseinfrastructure, cloud platforms, and SaaS services.

• Integrate PAM and NHI capabilities with Microsoft Entra ID(PIM)and cloud identity platforms.

• Implement secrets management capabilitiesand enable secure integration of privileged and machine identity controls within DevOps and automation workflows.

Security Posture Management & Identity Threat Protection

• Partner with the Security Operations Center (SOC) and Cyber Defense teams to detect and respond to identity-based threats.

• Lead investigations related to privileged credential misuse, identity compromise, or unauthorized administrative activity.

Audit, Compliance & Regulatory Alignment

• Partner with Internal Audit, Risk, and Compliance teams to ensure PAM and NHI controls align with enterprise governance frameworks.

• Ensure platform capabilities support SOX compliance and regulatory requirements.

• Maintain auditable privileged access governance and monitoring capabilities.

Automation, Platform Resilience &DevSecOps

• Drive automation initiatives across privileged access workflows, credential lifecycle management, and machine identity governance.

• EnableDevSecOpsteams to securely manage secrets, credentials, and elevated access used in development pipelines.

• Improve platform resilience through proactive monitoring, reliability engineering, and disaster recovery planning.

Cross-Functional IAM Collaboration

• Partner with cybersecurity, infrastructure engineering, cloud platform teams, and enterprise architecture to align privileged and machine identity controls with enterprise security architecture.

• Support integration of PAM and NHI capabilities with identity governance platforms, authentication services, and security monitoring solutions.

Required Qualifications

Education & Experience

• Bachelor’s degree in computer science, Cybersecurity, or related field

• 15+ years of experience in Identity and Access Management.

• 10+ yearsof proven experience implementing and managing enterprise Privileged Access Management platforms such as CyberArk.

• Experience managing non-human identities including service accounts, application identities, and machine credentials.

• Experience securing privileged access across enterprise infrastructure, cloud platforms, and application environments.

• Experience operating identity security platforms in global enterprise environments.

Leadership & Product Experience

• Experienceoperatingwithin a product operating model, including ownership of platform roadmaps and engineering delivery outcomes.

• Ability to lead engineering teams while collaborating effectively with security, infrastructure, andapplicationengineering stakeholders.

• Strong communicationskills with the ability to engage both technical teams and executive leadership.

• Experience mentoring and developing technical teams.

Certifications (Preferred)

• CyberArk certifications (Defender, Sentry, Guardian)

• CISSP, CISM, CCSP, or equivalent cybersecurity certifications

• Microsoft security or identity certifications

Travel: Periodic travel (up to 10%) may be necessary for key meetings, conferences, or team collaboration