Associate Manager, IT - Privileged Access Management
About The Position
Here at Kraft Heinz, we grow our people to grow our business, because we believe that great people make great companies. When you join our table, you can expect access to an array of holistic wellness benefits and perks, DCPP, VRSP, and TFSA, Business Resource Groups (BRGs) to help foster diversity, inclusion and belonging for all employees and an industry-leading total rewards package that emphasizes a high discretionary bonus. Benefits begin immediately upon hire. Get a peek into life here at Kraft Heinz through our Instagram and TikTok channels! Associate Manager, IT - Privileged Access Management at a glance... You will be a key technical lead responsible for the operations and assisting with modernization of the enterprise PAM ecosystem. You will blend strategic oversight with technical execution – driving continuous improvement, automation and integration across CyberArk, Active Directory, Entra ID and related identity security platforms. You will collaborate with internal teams and external partners to strengthen privileged account governance, enforce least privilege models and ensure operational excellence across hybrid and cloud environments.
Requirements
- Years of progressive experience in Identity Security inclusive of leading PAM initiatives
- Technical knowledge of CyberArk (Core PAS, CPM, PSM, PTA, CPM plug ins, REST APIs and Alero), with a good understanding of Entra ID and AD integration
- Experience implementing PAM for servers, applications, DevOps pipelines and cloud workloads.
- An understanding of privileged session management, vault architecture, API integrations and connector configurations.
- Proficient in some scripting and automation using PowerShell, REST API, Python or equivalent.
- Solid knowledge of identity security frameworks, least privilege enforcement and Zero Trust access models.
- Demonstrated ability to communicate complex technical issues to non-technical stakeholders and drive alignment across teams.
Responsibilities
- Assist with the end to end management of the enterprise PAM platform (CyberArk, Alero, etc), ensuring secure onboarding, vaulting and lifecycle management of privileged credentials.
- Define, implement and continuously refine PAM policies, workflows and controls aligned with enterprise IAM standards and Zero Trust principles.
- In conjunction with other stakeholders, conduct assessments to identify privileged account risks and misconfigurations and drive remediation through automation or process redesign.
- Oversee integration of PAM with Active Directory, Entra ID, SIEM, EDR and ITSM tools to enable end to end visibility and enforcement of least privilege.
- Manage PAM health, performance and upgrades, monitoring vault replication, session management, connectors and API integrations to ensure system reliability.
- Partner with architecture, sec ops and infrastructure teams to embed PAM controls into DevOps pipelines, server builds and cloud workloads.
- Develop and maintain automation scripts (Python, REST API, PowerShell etc.) to streamline onboarding, access review and reporting processes.
Benefits
- DCPP
- VRSP
- TFSA
- Business Resource Groups (BRGs)
- Industry-leading total rewards package
- High discretionary bonus
- Holistic wellness benefits and perks
- Affordable access to healthcare, protection, and saving for the future
- Medical
- Prescription Drug
- Dental
- Vision
- Screenings/Assessments
- Paid Time Off
- Company Holidays
- Leave of Absence
- Flexible Work Arrangements
- Recognition
- Training
- Employee Family Assistance Program
- Wellbeing Programs
- Family Support Programs
- Savings/Pension
- Life
- Accidental Death & Dismemberment
- Disability
- Discounted Perks
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
No Education Listed
