Product Owner & Head of IAM Privileged Access Management Services

About this Job: Mondelez International is hiring a Product Owner & Head of IAM Privileged Access Management Services

Locations - Fully remote within the United States

Role Overview:

We are seeking a Product Owner & Head of IAM Privileged Access Management Services to lead the strategy, engineering, and lifecycle management of enterprise privileged access and machine identity security platforms within our global Identity and Access Management (IAM) organization. 

Operating within a product operating model, this role owns the Privileged Access Management (PAM) and Non-Human Identity (NHI) security platforms end-to-end, including strategy, roadmap, architecture, engineering delivery, resilience, governance, and security posture management.  

Success in this role requires deep expertise in CyberArk platform architecture, privileged identity governance, credential vaulting, session monitoring, secrets management, and modern identity security models such as just-in-time access and automated machine identity governance. 

Key Responsibilities 

Leadership – IAM Policy, Strategy & Roadmap 

• Own the strategic direction and roadmap for enterprise PAM and NHI platforms, aligned with enterprise Zero Trust, identity security, and cyber defense initiatives. 

• Drive adoption of PAM and NHI capabilities across infrastructure, applications, cloud platforms, and DevOps environments. 

• Manage platform backlog, engineering priorities, and delivery outcomes within the product operating model and agile delivery framework. 

Privileged Access Management Platform Engineering Leadership 

• Lead engineering and operational oversight of the enterprise CyberArk PAM platform. 

• Implement modern privileged access controls including least privilege, just-in-time privilege elevation, and privileged session monitoring. 

• Oversee lifecycle management of the PAM platform including platform upgrades, security patching, monitoring, and disaster recovery capabilities. 

Privileged Identity Governance & Privilege Definition 

• Define enterprise standards for privileged role definitions, privilege boundaries, and administrative access models. 

• Eliminate shared credentials, unmanaged administrative accounts, and standing privileged access. 

• Support periodic privileged access reviews and certifications in collaboration with Identity Governance and Internal Audit teams  

Non-Human Identity (NHI) Security & Governance 

• Establish governance frameworks for non-human identities including service accounts, application identities, API credentials, workload identities, and automation accounts. 

• Secure machine identities used in automation frameworks, DevOps pipelines, and application integrations. 

• Implement automated credential rotation and secrets governance for non-human identities. 

Privileged Access Discovery & Attack Surface Reduction 

• Identify and onboard unmanaged privileged accounts and credentials across infrastructure, applications, and cloud environments. 

• Implement automated discovery and onboarding of privileged identities into the CyberArk platform. 

• Continuously improve visibility of privileged accounts, service identities, and administrative access pathways. 

Cloud Integrations, Hybrid Infrastructure & DevOps Enablement 

• Extend privileged and machine identity security across hybrid environments including on-premise infrastructure, cloud platforms, and SaaS services. 

• Integrate PAM and NHI capabilities with Microsoft Entra ID (PIM) and cloud identity platforms. 

• Implement secrets management capabilities and enable secure integration of privileged and machine identity controls within DevOps and automation workflows. 

Security Posture Management & Identity Threat Protection 

• Partner with the Security Operations Center (SOC) and Cyber Defense teams to detect and respond to identity-based threats. 

• Lead investigations related to privileged credential misuse, identity compromise, or unauthorized administrative activity. 

Audit, Compliance & Regulatory Alignment 

• Partner with Internal Audit, Risk, and Compliance teams to ensure PAM and NHI controls align with enterprise governance frameworks. 

• Ensure platform capabilities support SOX compliance and regulatory requirements. 

• Maintain auditable privileged access governance and monitoring capabilities. 

Automation, Platform Resilience & DevSecOps 

• Drive automation initiatives across privileged access workflows, credential lifecycle management, and machine identity governance. 

• Enable DevSecOps teams to securely manage secrets, credentials, and elevated access used in development pipelines. 

• Improve platform resilience through proactive monitoring, reliability engineering, and disaster recovery planning. 

Cross-Functional IAM Collaboration 

• Partner with cybersecurity, infrastructure engineering, cloud platform teams, and enterprise architecture to align privileged and machine identity controls with enterprise security architecture. 

• Support integration of PAM and NHI capabilities with identity governance platforms, authentication services, and security monitoring solutions. 

Required Qualifications 

Education & Experience 

• Bachelor’s degree in computer science, Cybersecurity, or related field 

• 15+ years of experience in Identity and Access Management. 

• 10+ years of proven experience implementing and managing enterprise Privileged Access Management platforms such as CyberArk. 

• Experience managing non-human identities including service accounts, application identities, and machine credentials. 

• Experience securing privileged access across enterprise infrastructure, cloud platforms, and application environments. 

• Experience operating identity security platforms in global enterprise environments. 

Leadership & Product Experience 

• Experience operating within a product operating model, including ownership of platform roadmaps and engineering delivery outcomes. 

• Ability to lead engineering teams while collaborating effectively with security, infrastructure, and application engineering stakeholders. 

• Strong communication skills with the ability to engage both technical teams and executive leadership. 

• Experience mentoring and developing technical teams. 

Certifications (Preferred) 

• CyberArk certifications (Defender, Sentry, Guardian) 

• CISSP, CISM, CCSP, or equivalent cybersecurity certifications 

• Microsoft security or identity certifications 

Travel: Periodic travel (up to 10%) may be necessary for key meetings, conferences, or team collaboration