Senior Technical Lead - Identity and Access Management

Senior Technical Lead - Identity and Access Management The Big Picture Sysco LABS is the Global In-House Center of Sysco Corporation (NYSE: SYY), the world’s largest foodservice company. Sysco ranks 56th in the Fortune 500 list and is the global leader in the trillion-dollar foodservice industry. Sysco employs over 75,000 associates, has 337 smart distribution facilities worldwide and over 14,000 IoT-enabled trucks serving 730,000 customer locations. For fiscal year 2025 that ended June 29, 2025, the company generated sales of more than $81.4 billion. Sysco LABS Sri Lanka delivers the technology that powers Sysco’s end-to-end operations. Sysco LABS’ enterprise technology is present in the end-to-end foodservice journey, enabling the sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, the delivery of food and supplies to Sysco’s global network and the in-restaurant dining experience of the end-customer. The Opportunity The Senior Technical Lead - Identity and Access Management is responsible for designing, implementing, and managing advanced identity protection capabilities within Microsoft Entra to strengthen Sysco’s enterprise security posture. This role provides technical leadership in authentication, access management, and incident resolution for hybrid identity environments. The position collaborates with enterprise architecture, cybersecurity, and business teams to deliver scalable, secure, and user-friendly solutions while mentoring junior team members. This role may occasionally require working outside regular shift hours to support critical incidents, escalations, or global coverage needs. This is an individual contributor role. This is a hybrid remote and office-based role in Sri Lanka, aligning with the local job requirement guidelines (Primary shift: [2:00 PM-10:00 PM SLST, 3:30 AM-11:30 AM CDT] with flexibility). Most work is performed Monday through Friday virtually, using collaboration tools and video conferencing. Our team has occasional on-call support. You’ll be part of a high-performing, security-driven team that values innovation, delivery excellence, and continuous learning. Responsibilities: Engineering, deploying, and managing identity protection controls in Microsoft Entra and Okta Troubleshooting complex authentication and hybrid identity issues (SAML, OIDC, OAuth2, WS-Fed, Kerberos, NTLM) Developing and maintaining security policies, processes, and monitoring frameworks aligned with Sysco standards Partnering with enterprise and cyber architecture teams to guide M&A onboarding and secure application integrations Automating identity lifecycle operations using PowerShell and Microsoft Graph API Leading proof-of-concept initiatives and pilots to evaluate emerging technologies for large-scale adoption Building and delivering dashboards and metrics on MFA adoption, device compliance, SSPR registration, and risky sign-ins Mentoring and coaching junior engineers to build operational readiness Requirements: A Bachelor's Degree in Computer Science, Information Systems, or a related field; or equivalent practical experience Advanced degree or IAM-related certifications Excellent troubleshooting and problem-solving skills in enterprise-scale identity environments 8+ years in IAM or cybersecurity with expertise in Microsoft Entra ID Strong PowerShell and Microsoft Graph API scripting for automation Expertise with YubiKey for phishing-resistant MFA and certificate-based authentication Familiarity with Okta and cross-platform identity integrations Experience in large enterprises (100k+ users) Certifications such as Microsoft SC-300, SC-100, or CISSP Excellent oral and written communication skills with the ability to engage senior stakeholders across the enterprise Familiarity with endpoint management (Intune, Workspace One) Benefits: US dollar-linked compensation Performance-based annual bonus Performance rewards and recognition Agile Benefits - special allowances for Health, Wellness & Academic purposes Entertainment allowance Team engagement allowance Comprehensive Health & Life Insurance Cover - extendable to parents and in-laws Overseas travel opportunities and exposure to client environments Hybrid work arrangement Sysco LABS is an Equal Opportunity Employer.