Engineer - Privileged Access Management
The Big Picture
Sysco LABS is the Global In-House Center of Sysco Corporation (NYSE: SYY), the world’s largest foodservice company. Sysco ranks 56th in the Fortune 500 list and is the global leader in the trillion-dollar foodservice industry.
Sysco employs over 75,000 associates, has 337 smart distribution facilities worldwide and over 14,000 IoT-enabled trucks serving 730,000 customer locations. For fiscal year 2025 that ended June 29, 2025, the company generated sales of more than $81.4 billion.
Sysco LABS Sri Lanka delivers the technology that powers Sysco’s end-to-end operations. Sysco LABS’ enterprise technology is present in the end-to-end foodservice journey, enabling the sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, the delivery of food and supplies to Sysco’s global network and the in-restaurant dining experience of the end-customer.
The Opportunity
Sysco is looking for a skilled, self-motivated enterprising Engineer - Privileged Access Management to join our global Cybersecurity Team. In this role, you will be a part of a team of engineers to support Sysco’s enterprise-wide Privileged Access Management (PAM) infrastructure, ensuring secure access for over 80,000 global users. You will implement and manage Privileged Accounts (human and non-human identities) for Privileged users and applications using PAM solutions (CyberArk, HashiCorp) provide professional guidance on privileged access, key management, digital certificates, and API’s. This role operates as a team player collaborating with other team members to contribute towards building our world-class Cybersecurity Organization.
Sysco invites motivated and forward-thinking candidates to apply for this pivotal role within our organization. Join us in leading the way in identity governance and play a crucial part in the security and efficiency of our operations. This is a highly visible Cybersecurity role where you will be a part of Sysco’s rapid transformation through mergers and acquisitions into a global industry leader. This is an individual contributor role.
This is a hybrid remote and office-based role, aligning with the local job requirement guidelines (Primary shift: [7:30 PM-3:30 AM SLST, 9:00 AM-5:00 PM CDT] with flexibility). This role may require working in a shift rotation to offer global on-call coverage. Most work is performed Monday through Friday virtually using collaboration tools and video conferencing. You’ll be part of a high-performing, security-driven team that values innovation, delivery excellence, and continuous learning.
Responsibilities:
Planning, Designing and implementing PAM solutions at global enterprise
Providing recommendations for Sysco’s corporate and international infrastructure and security requirements to determine the best approach for PAM implementation and operation
Collaborating with cross-functional teams (e.g. Cyber, networking, Compliance, Audit, End User Technology) across geographic locations to define the scope, timelines, and deliverables of the implementation project
Configuring and customizing PAM components to meet the organization's specific needs and requirements
Conducting testing and troubleshooting to ensure the successful deployment and operation of PAM solutions across Sysco enterprise
Collaborating with application owners and stakeholders to understand their privileged account requirements and onboard applications onto the PAM platform
Defining and enforcing access controls and policies for privileged accounts within the PAM solution
Providing world-class customer service to Sysco’s internal customers responding to incidence management (ServiceNow) through troubleshooting
Requirements:
A Bachelor’s Degree in Computer Science, Information Systems, Engineering, or a related field; or equivalent work experience
An advanced degree or IAM-related certifications
Overall, 2 to 3+ years of experience in the IT industry with minimum 1-2 years in Privileged Access Management (PAM)
Extensive Hands-On experience in end-to-end implementation, configuration, and administration of privileged access management (PAM) solutions such as CyberArk Vault, CyberArk Workforce Password Management (WPM) CyberArk End Point Manager (EPM) and/or HashiCorp Vault
Knowledge of Cybersecurity principles, best practices and NIST standards, with focus on securing privileged access, key management, human and machine identities, Infrastructure as Code (e.g. Terraform)
Strong experience in Incident management using Tools like ServiceNow
Hands-on experience in integration of privileged management solutions (CyberArk Vault) with technologies such as Active Directory, SAML, SMTP, NTP
Familiarity with SailPoint and SIEM Tools (Datadog, MS Sentinel, HP ArcSight) to support integration with CyberArk Vault
Strong understanding of Cloud technologies AWS/Azure/GCP infrastructure
Excellent oral and written communication skills, with the ability to engage with stakeholders across the global workforce
Overall, 2 to 3+ years of experience in IT industry with minimum 1-2+ years in CyberArk Tools (Vault, CONJUR, EPM) and Hashi Vault
Certifications in Cyber Security
Proficiency with authentication and authorization protocols including SAML, OIDC, OAuth2, WS-Fed, Kerberos, and NTLM
Incident management using Tools like ServiceNow, monitoring Tools like Datadog and MS Sentinel
PowerShell, Python, REST API for automation in CyberArk Vault tasks, reporting etc.
Experience with CyberArk Vault (On-Prem and SaaS) supporting global enterprises
Knowledge of CyberArk Workforce Password Management (WPM) and CyberArk End Point Manager (EPM), CyberArk CONJUR solutions.
Experience using HashiCorp Vault, Terraform and DevOps Tools (Kubernetes, Jenkins etc.).
Experience with integration of privileged management solutions (CyberArk Vault) with tools such as Active Directory, AWS/Azure/GCP, SAML, SMTP, NTP.
Secrets management using Tools like Hashi Corp Vault, AWS Secrets Manager.
Benefits:
US dollar-linked compensation
Performance-based annual bonus
Performance rewards and recognition
Agile Benefits - special allowances for Health, Wellness & Academic purposes
Entertainment allowance
Team engagement allowance
Comprehensive Health & Life Insurance Cover - extendable to parents and in-laws
Overseas travel opportunities and exposure to client environments
Hybrid work arrangement
Sysco LABS is an Equal Opportunity Employer.
Top Skills
What We Do
Sysco focuses on distribution of food products to restaurants, hotels, and other hospitality businesses.
