Manager, IT - Privileged Access Management

Job Description
Here at Kraft Heinz, we grow our people to grow our business, because we believe that great people make great companies. When you join our table, you can expect access to an array of holistic wellness benefits* and perks, DCPP, VRSP, and TFSA, Business Resource Groups (BRGs) to help foster diversity, inclusion and belonging for all employees and an industry-leading total rewards package that emphasizes a high discretionary bonus.
*Benefits begin immediately upon hire.
Get a peek into life here at Kraft Heinz through our Instagram and TikTok channels!
Manager, IT - Privileged Access Management at a glance...
You will be a key technical leader responsible for the overall design, operations and modernization of the enterprise PAM ecosystem. You will blend strategic oversight with deep technical execution - driving continuous improvement, automation and integration across CyberArk, Active Directory, Entra ID and related identity security platforms. You will collaborate with internal teams and external partners to strengthen privileged account governance, enforce least privilege models and ensure operational excellence across hybrid and cloud environments.
What's on the menu?

• Lead the end-to-end management of the enterprise PAM platform (CyberArk, Alero, etc), ensuring secure onboarding, vaulting and lifecycle management of privileged credentials.
• Define, implement and continuously refine PAM policies, workflows and controls aligned with enterprise IAM standards and Zero Trust principles.
• Conduct regular assessments to identify privileged account risks and misconfigurations and drive remediation through automation or process redesign.
• Oversee integration of PAM with Active Directory, Entra ID, SIEM, EDR and ITSM tools to enable end to end visibility and enforcement of least privilege.
• Manage PAM health, performance and upgrades, monitoring vault replication, session management, connectors and API integrations to ensure system reliability.
• Partner with architecture, sec ops and infrastructure teams to embed PAM controls into DevOps pipelines, server builds and cloud workloads.
• Develop and maintain automation scripts (Python, REST API, PowerShell etc.) to streamline onboarding, access review and reporting processes.
• Participate in audits, compliance reviews and IR activities related to privileged access, providing detailed technical insights and evidence.
• Drive future state PAM roadmap - including passwordless access, JIT privilege elevation and identity threat detection integrations.

Recipe for Success - apply now if this sounds like you!

• I have progressive experience in Identity Security or Infrastructure Security with at least 5+ years leading PAM initiatives
• I have deep technical knowledge of CyberArk (Core PAS, CPM, PSM, PTA, CPM plug ins, REST APIs and Alero), with strong understanding of Entra ID and AD integration
• I have proven experience implementing PAM for servers, applications, DevOps pipelines and clod workloads.
• I have a strong understanding of privileged session management, vault architecture, API integrations and connector configurations.
• I have proficiency in some scripting and automation using PowerShell, REST API, Python or equivalent.
• I have solid knowledge of identity security frameworks, least privilege enforcement and Zero Trust access models.
• I have a demonstrated ability to communicate complex technical issues to non-technical stakeholders and drive alignment across teams.

Our Total Rewards philosophy is to provide a meaningful and flexible spectrum of programs that equitably support our diverse workforce and their families and complement Kraft Heinz' strategy and values.
New Hire Base Salary Range:
$102,100.00 - $127,600.00
Bonus: This position is eligible for a performance-based bonus as provided by the plan terms and governing documents.
The compensation offered will take into account internal equity and may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors
Benefits: Coverage for employees (and their eligible dependents) through affordable access to healthcare, protection, and saving for the future, we offer plans tailored to meet you and your family's needs. Coverage for benefits will be in accordance with the terms and conditions of the applicable plans and associated governing plan documents.
Wellbeing: We offer events, resources, and learning opportunities that inspire a physical, social, emotional, and financial well-being lifestyle for our employees and their families.
You'll be able to participate in a variety of benefits and wellbeing programs that may vary by role, country, region, union status, and other employment status factors, for example:

• Physical - Medical, Prescription Drug, Dental, Vision, Screenings/Assessments
• Social - Paid Time Off, Company Holidays, Leave of Absence, Flexible Work Arrangements, Recognition, Training
• Emotional - Employee Family Assistance Program, Wellbeing Programs, Family Support Programs
• Financial -Savings/Pension, Life, Accidental Death & Dismemberment, Disability, Discounted Perks

Location(s)
Chicago/Aon Center, Toronto - Queen's Quay - Headquarters
Kraft Heinz is an Equal Opportunity Employer - Underrepresented Ethnic Minority Groups/Women/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity and other protected classes. In order to ensure reasonable accommodation for protected individuals, applicants that require accommodation in the job application process may contact [email protected] for assistance.