Product Owner & Head of IAM Privileged Access Management Services

Job Description
Are You Ready to Make It Happen at Mondelēz International?
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
About this Job: Mondelez International is hiring a Product Owner & Head of IAM Privileged Access Management Services
Locations - Fully remote within the United States
Role Overview:
We are seeking a Product Owner & Head of IAM Privileged Access Management Services to lead the strategy, engineering, and lifecycle management of enterprise privileged access and machine identity security platforms within our global Identity and Access Management (IAM) organization.
Operating within a product operating model, this role owns the Privileged Access Management (PAM) and Non-Human Identity (NHI) security platforms end-to-end, including strategy, roadmap, architecture, engineering delivery, resilience, governance, and security posture management.
Success in this role requires deep expertise in CyberArk platform architecture, privileged identity governance, credential vaulting, session monitoring, secrets management, and modern identity security models such as just-in-time access and automated machine identity governance.
Key Responsibilities
Leadership - IAM Policy, Strategy & Roadmap

• Own the strategic direction and roadmap for enterprise PAM and NHI platforms, aligned with enterprise Zero Trust, identity security, and cyber defense initiatives.

• Drive adoption of PAM and NHI capabilities across infrastructure, applications, cloud platforms, and DevOps environments.

• Manage platform backlog, engineering priorities, and delivery outcomes within the product operating model and agile delivery framework.

Privileged Access Management Platform Engineering Leadership

• Lead engineering and operational oversight of the enterprise CyberArk PAM platform.

• Implement modern privileged access controls including least privilege, just-in-time privilege elevation, and privileged session monitoring.

• Oversee lifecycle management of the PAM platform including platform upgrades, security patching, monitoring, and disaster recovery capabilities.

Privileged Identity Governance & Privilege Definition

• Define enterprise standards for privileged role definitions, privilege boundaries, and administrative access models.

• Eliminate shared credentials, unmanaged administrative accounts, and standing privileged access.

• Support periodic privileged access reviews and certifications in collaboration with Identity Governance and Internal Audit teams

Non-Human Identity (NHI) Security & Governance

• Establish governance frameworks for non-human identities including service accounts, application identities, API credentials, workload identities, and automation accounts.

• Secure machine identities used in automation frameworks, DevOps pipelines, and application integrations.

• Implement automated credential rotation and secrets governance for non-human identities.

Privileged Access Discovery & Attack Surface Reduction

• Identify and onboard unmanaged privileged accounts and credentials across infrastructure, applications, and cloud environments.

• Implement automated discovery and onboarding of privileged identities into the CyberArk platform.

• Continuously improve visibility of privileged accounts, service identities, and administrative access pathways.

Cloud Integrations, Hybrid Infrastructure & DevOps Enablement

• Extend privileged and machine identity security across hybrid environments including on-premise infrastructure, cloud platforms, and SaaS services.

• Integrate PAM and NHI capabilities with Microsoft Entra ID (PIM) and cloud identity platforms.

• Implement secrets management capabilities and enable secure integration of privileged and machine identity controls within DevOps and automation workflows.

Security Posture Management & Identity Threat Protection

• Partner with the Security Operations Center (SOC) and Cyber Defense teams to detect and respond to identity-based threats.

• Lead investigations related to privileged credential misuse, identity compromise, or unauthorized administrative activity.

Audit, Compliance & Regulatory Alignment

• Partner with Internal Audit, Risk, and Compliance teams to ensure PAM and NHI controls align with enterprise governance frameworks.

• Ensure platform capabilities support SOX compliance and regulatory requirements.

• Maintain auditable privileged access governance and monitoring capabilities.

Automation, Platform Resilience & DevSecOps

• Drive automation initiatives across privileged access workflows, credential lifecycle management, and machine identity governance.

• Enable DevSecOps teams to securely manage secrets, credentials, and elevated access used in development pipelines.

• Improve platform resilience through proactive monitoring, reliability engineering, and disaster recovery planning.

Cross-Functional IAM Collaboration

• Partner with cybersecurity, infrastructure engineering, cloud platform teams, and enterprise architecture to align privileged and machine identity controls with enterprise security architecture.

• Support integration of PAM and NHI capabilities with identity governance platforms, authentication services, and security monitoring solutions.

Required Qualifications
Education & Experience

• Bachelor's degree in computer science, Cybersecurity, or related field

• 15+ years of experience in Identity and Access Management.

• 10+ years of proven experience implementing and managing enterprise Privileged Access Management platforms such as CyberArk.

• Experience managing non-human identities including service accounts, application identities, and machine credentials.

• Experience securing privileged access across enterprise infrastructure, cloud platforms, and application environments.

• Experience operating identity security platforms in global enterprise environments.

Leadership & Product Experience

• Experience operating within a product operating model, including ownership of platform roadmaps and engineering delivery outcomes.

• Ability to lead engineering teams while collaborating effectively with security, infrastructure, and application engineering stakeholders.

• Strong communication skills with the ability to engage both technical teams and executive leadership.

• Experience mentoring and developing technical teams.

Certifications (Preferred)

• CyberArk certifications (Defender, Sentry, Guardian)

• CISSP, CISM, CCSP, or equivalent cybersecurity certifications

• Microsoft security or identity certifications

Travel: Periodic travel (up to 10%) may be necessary for key meetings, conferences, or team collaboration
Salary and Benefits:
The base salary range for this position is $140,300 to $192,940; the exact salary depends on several factors such as experience, skills, education and location. In addition to base salary, this position is eligible for participation in a highly competitive bonus program with possibility for overachievement based on performance and company results. In addition, Mondelez International offers the following benefits: health insurance, wellness and family support programs, life and disability insurance, retirement savings plans, paid leave programs, education related programs, paid holidays and vacation time. Some of these benefits have eligibility requirements. Many of these benefits are subsidized or fully paid for by the company.
No Relocation support available
Business Unit Summary
The United States is the largest market in the Mondelēz International family with a significant employee and manufacturing footprint. Here, weproduce our well-loved household favorites to provide our consumers with the right snack, at the right moment, made the right way. We have corporate offices, sales, manufacturing and distribution locations throughout the U.S. to ensure our iconic brands-including Oreo and Chips Ahoy! cookies, Ritz, Wheat Thins and Triscuit crackers, and Swedish Fish and Sour Patch Kids confectionery products -are close at hand for our consumers across the country.
Mondelēz Global LLC is an Equal Opportunity Employer/Protected Veterans/Persons with Disabilities. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact 847-943-5460 for assistance.
For more information about your Federal rights, please see eeopost.pdf; EEO is the Law Poster Supplement; Pay Transparency Nondiscrimination Provision; Know Your Rights: Workplace Discrimination is Illegal
Job Type
Regular
Information Security
Technology & Digital