Manager, IT – Privileged Access Management
Kraft Heinz
full-time
Posted on:
Location Type: Hybrid
Location: Chicago • Illinois • 🇺🇸 United States
Visit company websiteSalary
💰 $102,100 - $127,600 per year
Job Level
Mid-LevelSenior
Tech Stack
CloudITSMPythonVault
About the role
- Lead the end-to-end management of the enterprise PAM platform (CyberArk, Alero, etc), ensuring secure onboarding, vaulting and lifecycle management of privileged credentials
- Define, implement and continuously refine PAM policies, workflows and controls aligned with enterprise IAM standards and Zero Trust principles
- Conduct regular assessments to identify privileged account risks and misconfigurations and drive remediation through automation or process redesign
- Oversee integration of PAM with Active Directory, Entra ID, SIEM, EDR and ITSM tools to enable end to end visibility and enforcement of least privilege
- Manage PAM health, performance and upgrades, monitoring vault replication, session management, connectors and API integrations to ensure system reliability
- Partner with architecture, sec ops and infrastructure teams to embed PAM controls into DevOps pipelines, server builds and cloud workloads
- Develop and maintain automation scripts (Python, REST API, PowerShell etc.) to streamline onboarding, access review and reporting processes
- Participate in audits, compliance reviews and IR activities related to privileged access, providing detailed technical insights and evidence
- Drive future state PAM roadmap – including passwordless access, JIT privilege elevation and identity threat detection integrations
Requirements
- I have progressive experience in Identity Security or Infrastructure Security with at least 5+ years leading PAM initiatives
- I have deep technical knowledge of CyberArk (Core PAS, CPM, PSM, PTA, CPM plug ins, REST APIs and Alero), with strong understanding of Entra ID and AD integration
- I have proven experience implementing PAM for servers, applications, DevOps pipelines and cloud workloads
- I have a strong understanding of privileged session management, vault architecture, API integrations and connector configurations
- I have proficiency in some scripting and automation using PowerShell, REST API, Python or equivalent
- I have solid knowledge of identity security frameworks, least privilege enforcement and Zero Trust access models
- I have a demonstrated ability to communicate complex technical issues to non-technical stakeholders and drive alignment across teams.
Benefits
- Coverage for employees (and their eligible dependents) through affordable access to healthcare
- protection and saving for the future
- plans tailored to meet you and your family’s needs
- Wellbeing: We offer events, resources, and learning opportunities that inspire a physical, social, emotional, and financial well-being lifestyle for our employees and their families
- You’ll be able to participate in a variety of benefits and wellbeing programs that may vary by role, country, region, union status, and other employment status factors
- Physical - Medical, Prescription Drug, Dental, Vision, Screenings/Assessments
- Social - Paid Time Off, Company Holidays, Leave of Absence, Flexible Work Arrangements, Recognition, Training
- Emotional – Employee Family Assistance Program, Wellbeing Programs, Family Support Programs
- Financial -Savings/Pension, Life, Accidental Death & Dismemberment, Disability, Discounted Perks
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
CyberArkAleroPythonREST APIPowerShellprivileged session managementvault architectureAPI integrationsconnector configurationsautomation
Soft skills
communicationalignmentleadership