IAM (CyberArk) Engineer

Job Description
Are You Ready to Make It Happen at Mondelēz International?
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
You will serve as a Senior Subject Matter Expert (SME) for CyberArk Privileged Access Management, providing technical leadership and end-to-end ownership of the CyberArk platform. Operating within a Product & Platform operating model, you will be responsible for the design, engineering, operational integrity, and continuous evolution of CyberArk as a secure, scalable enterprise platform that enables the business while reducing cyber risk.
How you will contribute
You will help lead the daily operations, maintenance, and strategic growth of our CyberArk platforms. You will collaborate with internal teams and strategic partners to deliver secure, resilient PAM capabilities aligned with Zero Trust principles and enterprise security standards. You will act as the senior escalation point for complex technical issues, drive platform improvements and automation, and ensure CyberArk is delivered as a reliable, productized security platform across global environments.
What you will bring

• Act as the CyberArk PAM Subject Matter Expert and senior escalation point, providing expert guidance on architecture, advanced configuration, operational best practices, and long-term platform strategy.
• Design, implement, and continuously evolve enterprise-scale CyberArk platforms, including CyberArk Vault, Password Vault Web Access (PVWA), Central Policy Manager (CPM), Privileged Session Manager (PSM), and Endpoint Privilege Manager (EPM).
• Own the health, availability, performance, and security posture of the CyberArk platform, ensuring high availability, scalability, disaster recovery readiness, and secure operations across global environments.
• Define, document, and enforce platform standards, architectural patterns, and guardrails for privileged access across on-prem, cloud, hybrid, and SaaS environments, aligned with Zero Trust and enterprise security architecture principles.
• Operate CyberArk as a productized security platform, contributing to roadmap development, lifecycle management, and continuous improvement initiatives focused on reliability, automation, and user experience.
• Partner with IAM, infrastructure, cloud, application, and DevOps teams to embed PAM capabilities by design into enterprise platforms, applications, and CI/CD pipelines.
• Drive automation and self-service enablement to streamline privileged account onboarding, credential rotation, access approvals, and operational workflows, reducing manual effort and improving time-to-value.
• Lead complex CyberArk integrations with operating systems, databases, enterprise applications, cloud platforms, and DevSecOps toolchains.
• Design, develop, and maintain custom CPM plugins and PSM connectors, leveraging Plugin Generator Utility, CLI tools, scripting, and automation to support advanced and non-standard use cases.
• Implement and govern secure credential management, session isolation, session monitoring, and privileged workflow enforcement across the enterprise.
• Provide senior-level troubleshooting for complex production incidents, performing root cause analysis and driving permanent corrective actions.
• Participate in incident, problem, and change management forums, making risk-based decisions and recommending compensating controls when deviations from standards are required.
• Ensure adherence to SLA and OLA commitments, driving accountability with internal teams and external vendors supporting the CyberArk platform.
• Support audit, compliance, and risk management activities, including the creation, tracking, and remediation of PAM-related findings.
• Mentor and coach junior engineers, elevating platform capability, engineering maturity, and operational excellence across the team.
• Develop and maintain technical documentation, architectural artifacts, standards, and operational runbooks.
• Present PAM strategies, risks, and improvement initiatives to both technical and non-technical stakeholders, influencing enterprise security architecture, Zero Trust adoption, and identity governance decisions.

More about this role
What you need to know about this position:
Skills and Qualifications

• 7+ years of hands-on CyberArk engineering experience in large-scale enterprise environments.
• Deep expertise in CyberArk Vault, PVWA, CPM, PSM, and Endpoint Privilege Manager (EPM), including architecture, deployment, upgrades, and troubleshooting.
• Proven experience designing and implementing custom CPM plugins and PSM connectors, using Plugin Generator Utility, CLI tools, and scripting.
• Strong understanding of privileged access risks, credential management, session security, and Zero Trust security principles.
• Experience integrating CyberArk with infrastructure, applications, databases, cloud platforms (Azure, AWS, GCP), and CI/CD pipelines.
• Experience operating platforms within Agile, DevSecOps, and ITIL-aligned environments.
• Strong analytical, organizational, and problem-solving skills in complex, time-critical environments.
• Excellent written and verbal communication skills, with the ability to influence technical and business stakeholders.

Bonus Points

• CISSP
• CyberArk Certifications
• ITIL 4 Foundations Certification

No Relocation support available
Business Unit Summary
At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.
We have a rich portfolio of strong brands globally and locally including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum.
Our 80,000 makers and bakers are located in more than 80 countries and we sell our products in over 150 countries around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen-and happen fast.
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Job Type
Regular
Software & Applications
Technology & Digital