Lead - IAM Platform Architecture & Engineering

Mondelēz International is hiring a Senior Manager – IAM Platform Lead to define and lead the identity security architecture across various identity types. The role involves designing scalable identity trust architectures and access control frameworks to secure enterprise access across multiple environments.

Responsibilities:

• Define and evolve the enterprise identity security architecture and identity trust model
• Design identity architectures supporting workforce, external, privileged, and machine identities across hybrid and cloud environments
• Establish identity trust boundaries, authentication flows, and authorization models across enterprise systems
• Define enterprise identity policy enforcement models supporting Zero Trust access architectures
• Design identity federation architectures using SAML, OAuth2, OpenID Connect, and token-based identity frameworks
• Define identity trust relationships across enterprise identity providers, SaaS platforms, partner ecosystems, and external identity providers
• Establish identity session management, token security, and authentication lifecycle standards
• Define enterprise access control models including RBAC, ABAC, and policy-based authorization
• Design identity policy enforcement patterns using centralized policy engines and identity-aware access controls
• Define access policies supporting risk-based authentication and contextual access controls
• Design security architecture for non-human identities including service accounts, application identities, API credentials, and workload identities
• Define identity models supporting microservices, containers, APIs, and cloud-native workloads
• Reduce enterprise identity attack surface through automated identity lifecycle and least-privilege access controls
• Design identity architectures supporting multi-cloud environments, SaaS ecosystems, and modern application platforms
• Define architecture supporting B2B partner access and B2C external identity models
• Enable identity-driven access control across enterprise applications, APIs, and digital services
• Define architecture supporting identity threat detection and identity risk monitoring
• Integrate identity platforms with security operations monitoring and threat detection frameworks
• Design controls to detect and mitigate credential compromise, privilege escalation, and anomalous authentication activity
• Establish identity telemetry patterns enabling identity-based security analytics
• Define enterprise identity architecture standards, design principles, and technical reference patterns
• Lead architecture governance for IAM integrations across enterprise applications, cloud platforms, and infrastructure services
• Conduct architectural reviews of identity integrations and authentication models for new systems
• Provide technical guidance to engineering teams implementing IAM services and integrations
• Evaluate emerging identity technologies including: passwordless authentication, identity threat detection, decentralized identity, machine identity security
• Guide enterprise adoption of new identity capabilities aligned with security architecture strategy
• Contribute to the evolution of the enterprise identity technology roadmap

Requirements:

• 15+ years of experience in Identity and Access Management architecture, identity security engineering
• Deep expertise in authentication architectures
• Deep expertise in identity federation and trust protocols
• Deep expertise in identity governance frameworks
• Deep expertise in privileged access security
• Deep expertise in machine identity and workload identity models
• Strong experience designing IAM architectures for cloud-native, SaaS, and hybrid enterprise environments
• Deep knowledge of identity protocols including SAML, OAuth2, OpenID Connect, and token-based authentication frameworks
• Experience implementing Zero Trust identity security architectures
• CISSP or equivalent cybersecurity certification
• Microsoft Identity / Azure security certifications
• IAM-specific certifications