Lead - IAM Platform Architecture & Engineering

Job Description
Are You Ready to Make It Happen at Mondelēz International?
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
About this Job
Mondelez International is hiring a Senior Manager - IAM Platform Lead (Privileged Access & Non-Human Identity Security)
Location: Fully remote within the United States
Role Overview
We are seeking a Senior Manager - Lead IAM Architecture & Engineering to define and lead the identity security architecture across workforce, partner, application, and machine identities. This role establishes the technical foundations for identity trust, authentication, authorization, and access governance across enterprise systems, cloud platforms, SaaS services, and operational technology environments.
The Principal IAM Architect will design scalable identity trust architectures and access control frameworks that secure enterprise access to applications, infrastructure, APIs, and digital platforms. This role defines identity standards, architecture patterns, and integration frameworks enabling secure access while aligning with Zero Trust security architecture and enterprise cybersecurity strategy.
The architect partners with IAM platform engineering teams to ensure that authentication services, identity governance, privileged access, and machine identity systems operate as a cohesive identity security fabric across the enterprise.
Key Responsibilities
Identity Security Architecture & Trust Frameworks

• Define and evolve the enterprise identity security architecture and identity trust model.

• Design identity architectures supporting workforce, external, privileged, and machine identities across hybrid and cloud environments.

• Establish identity trust boundaries, authentication flows, and authorization models across enterprise systems.

• Define enterprise identity policy enforcement models supporting Zero Trust access architectures.

• Design identity federation architectures using SAML, OAuth2, OpenID Connect, and token-based identity frameworks.

• Define identity trust relationships across enterprise identity providers, SaaS platforms, partner ecosystems, and external identity providers.

• Establish identity session management, token security, and authentication lifecycle standards.

• Define enterprise access control models including RBAC, ABAC, and policy-based authorization.

• Design identity policy enforcement patterns using centralized policy engines and identity-aware access controls.

• Define access policies supporting risk-based authentication and contextual access controls.

• Design security architecture for non-human identities including service accounts, application identities, API credentials, and workload identities.

• Define identity models supporting microservices, containers, APIs, and cloud-native workloads.

• Reduce enterprise identity attack surface through automated identity lifecycle and least-privilege access controls.

• Design identity architectures supporting multi-cloud environments, SaaS ecosystems, and modern application platforms.

• Define architecture supporting B2B partner access and B2C external identity models.

• Enable identity-driven access control across enterprise applications, APIs, and digital services.

• Define architecture supporting identity threat detection and identity risk monitoring.

• Integrate identity platforms with security operations monitoring and threat detection frameworks.

• Design controls to detect and mitigate credential compromise, privilege escalation, and anomalous authentication activity.

• Establish identity telemetry patterns enabling identity-based security analytics.

• Define enterprise identity architecture standards, design principles, and technical reference patterns.

• Lead architecture governance for IAM integrations across enterprise applications, cloud platforms, and infrastructure services.

• Conduct architectural reviews of identity integrations and authentication models for new systems.

• Provide technical guidance to engineering teams implementing IAM services and integrations.

Identity Innovation & Technology Strategy

• Evaluate emerging identity technologies including:

• passwordless authentication

• identity threat detection

• decentralized identity

• machine identity security

• Guide enterprise adoption of new identity capabilities aligned with security architecture strategy.

• Contribute to the evolution of the enterprise identity technology roadmap.

More about this role
Required Qualifications

• 15+ years of experience in Identity and Access Management architecture, identity security engineering.

• Deep expertise in:

• authentication architectures

• identity federation and trust protocols

• identity governance frameworks

• privileged access security

• machine identity and workload identity models

• Strong experience designing IAM architectures for cloud-native, SaaS, and hybrid enterprise environments.

• Deep knowledge of identity protocols including SAML, OAuth2, OpenID Connect, and token-based authentication frameworks.

• Experience implementing Zero Trust identity security architectures.

Preferred Certifications

• CISSP or equivalent cybersecurity certification

• Microsoft Identity / Azure security certifications

• IAM-specific certifications

Travel: Periodic travel (up to 10%) may be necessary for key meetings, conferences, or team collaboration
Salary and Benefits:
The base salary range for this position is $140,300 to $192,940; the exact salary depends on several factors such as experience, skills, education and location. In addition to base salary, this position is eligible for participation in a highly competitive bonus program with possibility for overachievement based on performance and company results. In addition, Mondelez International offers the following benefits: health insurance, wellness and family support programs, life and disability insurance, retirement savings plans, paid leave programs, education related programs, paid holidays and vacation time. Some of these benefits have eligibility requirements. Many of these benefits are subsidized or fully paid for by the company.
No Relocation support available
Business Unit Summary
The United States is the largest market in the Mondelēz International family with a significant employee and manufacturing footprint. Here, weproduce our well-loved household favorites to provide our consumers with the right snack, at the right moment, made the right way. We have corporate offices, sales, manufacturing and distribution locations throughout the U.S. to ensure our iconic brands-including Oreo and Chips Ahoy! cookies, Ritz, Wheat Thins and Triscuit crackers, and Swedish Fish and Sour Patch Kids confectionery products -are close at hand for our consumers across the country.
Mondelēz Global LLC is an Equal Opportunity Employer/Protected Veterans/Persons with Disabilities. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact 847-943-5460 for assistance.
For more information about your Federal rights, please see eeopost.pdf; EEO is the Law Poster Supplement; Pay Transparency Nondiscrimination Provision; Know Your Rights: Workplace Discrimination is Illegal
Job Type
Regular
Information Security
Technology & Digital