Senior Technical Lead - Privileged Access Management

Senior Technical Lead - Privileged Access ManagementThe Big PictureSysco LABS is the Global In-House Center of Sysco Corporation (NYSE: SYY), the world’s largest foodservice company. Sysco ranks 56th in the Fortune 500 list and is the global leader in the trillion-dollar foodservice industry.Sysco employs over 75,000 associates, has 337 smart distribution facilities worldwide and over 14,000 IoT-enabled trucks serving 730,000 customer locations. For fiscal year 2025 that ended June 29, 2025, the company generated sales of more than $81.4 billion.Sysco LABS Sri Lanka delivers the technology that powers Sysco’s end-to-end operations. Sysco LABS’ enterprise technology is present in the end-to-end foodservice journey, enabling the sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, the delivery of food and supplies to Sysco’s global network and the in-restaurant dining experience of the end-customer.The OpportunitySysco is looking for a highly skilled, self-motivated enterprising Senior Technical Lead - Privileged Access Management to join our global Cybersecurity Team. In this role, you will lead a team of engineers to support Sysco’s enterprise-wide Privileged Access Management (PAM) infrastructure, ensuring secure access for over 80,000 global users. You will plan, architect, implement, and manage Privileged Accounts (human and non-human identities) for Privileged users and applications using PAM solutions (CyberArk, HashiCorp) provide expert guidance on privileged access, key management, digital certificates, and APIs This role operates as a team player collaborating with other team members to contribute towards building our world-class Cybersecurity Organization.Sysco invites motivated and forward-thinking candidates to apply for this pivotal role within our organization. Join us in leading the way in identity governance and play a crucial part in the security and efficiency of our operations. This is a highly visible Cybersecurity role where you will be a part of Sysco’s rapid transformation through mergers and acquisitions into a global industry leader. This is an individual contributor role.This is a hybrid remote and office-based role, aligning with the local job requirement guidelines (Primary shift: [2:00 PM-10:00 PM SLST, 3:30 AM-11:30 AM CDT] with flexibility). This role may require a shift rotation to offer global on-call coverage. Most work is performed Monday through Friday virtually using collaboration tools and video conferencing. You’ll be part of a high-performing, security-driven team that values innovation, delivery excellence, and continuous learning.Responsibilities:Planning, Designing and implementing PAM solutions at global enterpriseProviding recommendations for Sysco’s corporate and international infrastructure and security requirements to determine the best approach for PAM implementation and operationCollaborating with cross-functional teams (e.g. Cyber, networking, Compliance, Audit, End User Technology) across geographic locations to define the scope, timelines, and deliverables of the implementation projectConfiguring and customizing PAM components to meet the organization's specific needs and requirementsLeading the architecture design for privileged access management (PAM) solution for customersReviewing functional and non-functional requirements, applying architecture acceptance criteria, and producing artifacts describing the logical and physical design of solutions scaled for the enterpriseActing as a technical leader of the PAM team, mentor and coach team members, fostering a culture of continuous learningProviding world-class customer service to Sysco’s internal customers responding to incidence management (Service Now) through troubleshootingRequirements: A Bachelor’s Degree in Computer Science, Information Systems, Engineering, or a related field; or equivalent work experienceA Master’s Degree in Information Technology, Cybersecurity, or a related disciplineOverall 8 to 10+ years of experience in the IT industry with a minimum of 5 to 6 years in Privileged Access Management (PAM)Extensive experience in end-to-end implementation, configuration, and administration of privileged access management (PAM) solutions such as CyberArk Vault, CyberArk Workforce Password Management (WPM) CyberArk End Point Manager (EPM) and HashiCorp VaultStrong Knowledge of Cybersecurity principles, best practices and NIST standards, with focus on securing privileged access, key management, human and machine identities, Infrastructure as Code (e.g. Terraform)Expert level knowledge of privileged access management concepts, best practices and Zero Trust principlesFamiliarity with SailPoint to implement and support CyberArk-SailPoint Integration using SCIM (System for cross-domain Identity Management) protocolThe person should have exposure knowledge of CyberArk integration with SIEM Tools (Datadog, MS Sentinel, HP ArcSight)Excellent oral and written communication skills, with the ability to engage with stakeholders across a global workforceCertifications in Cyber Security, CyberArk Vault and CISSPIncident Management experience using tools like Service Now, monitoring Tools like Datadog and MS SentinelProficiency with authentication and authorization protocols including SAML, OIDC, OAuth2, WS-Fed, Kerberos, and NTLMPowerShell, Python, REST API for automation in CyberArk Vault tasks, reporting etc.Knowledge of CyberArk Vault (On-Prem and SaaS) supporting global enterprisesKnowledge of CyberArk Workforce Password Management (WPM) and CyberArk End Point Manager (EPM), CyberArk CONJUR solutionsExperience with HashiCorp Vault, Terraform and DevOps Tools (Kubernetes, Jenkins etc.)Experience with the integration of privileged management solutions (CyberArk Vault) with tools such as Active Directory, AWS/Azure/GCP, SAML, SMTP and NTPSecrets management using Tools like Hashi Corp Vault, AWS Secrets ManagerBenefits:US dollar-linked compensationPerformance-based annual bonusPerformance rewards and recognitionAgile Benefits - special allowances for Health, Wellness & Academic purposesEntertainment allowanceTeam engagement allowanceComprehensive Health & Life Insurance Cover - extendable to parents and in-lawsOverseas travel opportunities and exposure to client environmentsHybrid work arrangementSysco LABS is an Equal Opportunity Employer.