This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

We are seeking a Senior Manager – Lead IAM Architecture & Engineering to define and lead the identity security architecture across workforce, partner, application, and machine identities. This role establishes the technical foundations for identity trust, authentication, authorization, and access governance across enterprise systems, cloud platforms, SaaS services, and operational technology environments.

The Principal IAM Architect will design scalable identity trust architectures and access control frameworks that secure enterprise access to applications, infrastructure, APIs, and digital platforms. This role defines identity standards, architecture patterns, and integration frameworks enabling secure access while aligning with Zero Trust security architecture and enterprise cybersecurity strategy.

The architect partners with IAM platform engineering teams to ensure that authentication services, identity governance, privileged access, and machine identity systems operate as a cohesive identity security fabric across the enterprise.

Key Responsibilities

• Define and evolve the enterprise identity security architecture and identity trust model.
• Design identity architectures supporting workforce, external, privileged, and machine identities across hybrid and cloud environments.
• Establish identity trust boundaries, authentication flows, and authorization models across enterprise systems.
• Define enterprise identity policy enforcement models supporting Zero Trust access architectures.
• Design identity federation architectures using SAML, OAuth2, OpenID Connect, and token-based identity frameworks.
• Define identity trust relationships across enterprise identity providers, SaaS platforms, partner ecosystems, and external identity providers.
• Establish identity session management, token security, and authentication lifecycle standards.
• Define enterprise access control models including RBAC, ABAC, and policy-based authorization.
• Design identity policy enforcement patterns using centralized policy engines and identity-aware access controls.
• Define access policies supporting risk-based authentication and contextual access controls.
• Design security architecture for non-human identities including service accounts, application identities, API credentials, and workload identities.
• Define identity models supporting microservices, containers, APIs, and cloud-native workloads.
• Reduce enterprise identity attack surface through automated identity lifecycle and least-privilege access controls.
• Design identity architectures supporting multi-cloud environments, SaaS ecosystems, and modern application platforms.
• Define architecture supporting B2B partner access and B2C external identity models.
• Enable identity-driven access control across enterprise applications, APIs, and digital services.
• Define architecture supporting identity threat detection and identity risk monitoring.
• Integrate identity platforms with security operations monitoring and threat detection frameworks.
• Design controls to detect and mitigate credential compromise, privilege escalation, and anomalous authentication activity.
• Establish identity telemetry patterns enabling identity-based security analytics.
• Define enterprise identity architecture standards, design principles, and technical reference patterns.
• Lead architecture governance for IAM integrations across enterprise applications, cloud platforms, and infrastructure services.
• Conduct architectural reviews of identity integrations and authentication models for new systems.
• Provide technical guidance to engineering teams implementing IAM services and integrations.

Qualifications

• 15+ years of experience in Identity and Access Management architecture, identity security engineering.
• Deep expertise in authentication architectures, identity federation and trust protocols, identity governance frameworks, privileged access security, and machine identity and workload identity models.
• Strong experience designing IAM architectures for cloud-native, SaaS, and hybrid enterprise environments.
• Deep knowledge of identity protocols including SAML, OAuth2, OpenID Connect, and token-based authentication frameworks.
• Experience implementing Zero Trust identity security architectures.

Preferred Certifications

• CISSP or equivalent cybersecurity certification
• Microsoft Identity / Azure security certifications
• IAM-specific certifications

Travel

• Periodic travel (up to 10%) may be necessary for key meetings, conferences, or team collaboration.

Salary and Benefits

• The base salary range for this position is $140,300 to $192,940; the exact salary depends on several factors such as experience, skills, education, and location.
• This position is eligible for participation in a highly competitive bonus program with the possibility for overachievement based on performance and company results.
• Mondelez International offers the following benefits: health insurance, wellness and family support programs, life and disability insurance, retirement savings plans, paid leave programs, education-related programs, paid holidays, and vacation time.
• Some of these benefits have eligibility requirements. Many of these benefits are subsidized or fully paid for by the company.

Company Description

The United States is the largest market in the Mondelēz International family with a significant employee and manufacturing footprint. Here, we produce our well-loved household favorites to provide our consumers with the right snack, at the right moment, made the right way.

We have corporate offices, sales, manufacturing, and distribution locations throughout the U.S. to ensure our iconic brands—including Oreo and Chips Ahoy! cookies, Ritz, Wheat Thins and Triscuit crackers, and Swedish Fish and Sour Patch Kids confectionery products —are close at hand for our consumers across the country.

Mondelēz Global LLC is an Equal Opportunity Employer/Protected Veterans/Persons with Disabilities. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law.

Applicants who require accommodation to participate in the job application process may contact 847-943-5460 for assistance.