About The Position

Mondelez International is hiring a Senior Manager – IAM Product Lead (Directory Services & Certificate Lifecycle Management).

Locations: Remote in the United States

Role Overview: We are seeking a Senior Manager – IAM Product Lead (Directory Services & Certificate Lifecycle Management) to lead the strategy, engineering, and lifecycle management of enterprise directory and machine identity platforms within our global Identity and Access Management (IAM) organization.

Operating within a product operating model, this role owns the Directory Services and Certificate Lifecycle Management platforms end-to-end, including strategy, roadmap, architecture, engineering delivery, resilience, and governance. The role leads the operation and modernization of a global multi-domain, multi-forest identity environment spanning Active Directory, Microsoft Entra ID, and cloud identity integrations, while overseeing the enterprise certificate lifecycle management program.

This position plays a critical role in strengthening the organization’s identity security posture by reducing the technical attack surface, securing hybrid identity platforms across on-premise and cloud environments, and advancing automation through scripting and modern DevSecOps practices. Success in this role requires deep expertise in identity security architecture, Infrastructure as Code (IaC), and end-to-end certificate lifecycle management.

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, or a related field
  • 15+ years of experience in Identity and Access Management, Directory Services, Identity Infrastructure
  • 10+ years of experience leading engineering teams or platform ownership roles in IAM or identity infrastructure domains.
  • Proven experience operating and modernizing large-scale Active Directory environments, including multi-domain and multi-forest architectures.
  • Experience managing hybrid identity platforms integrating Active Directory and Microsoft Entra ID.
  • Hands-on experience implementing Certificate Lifecycle Management (CLM) or PKI platforms, such as Venafi or equivalent solutions.
  • Experience supporting identity platforms in global enterprise environments.
  • Experience operating within a product operating model, including ownership of platform roadmaps and delivery outcomes.
  • Ability to lead engineering teams while collaborating effectively with security, infrastructure, and application engineering stakeholders.
  • Ability to communicate effectively with both technical teams and senior leadership.
  • Ability to drive complex identity transformations in large enterprise environments.
  • Passionate about automation, security, and operational excellence.
  • Self-driven, organized, and comfortable operating in a hybrid, fast-paced environment.

Nice To Haves

  • Microsoft Identity and Azure certifications
  • CISSP, CISM, CCSP, or equivalent security certifications
  • PKI or certificate management related certifications (Venafi preferred)

Responsibilities

  • Own the strategic direction and roadmap for enterprise Directory Services and Certificate Lifecycle Management platforms within the IAM product portfolio.
  • Define and drive multi-year platform strategy aligned with enterprise Zero Trust, identity security, and hybrid cloud transformation initiatives.
  • Translate enterprise IAM policies and security standards into directory, machine identity, and certificate governance frameworks.
  • Lead platform lifecycle management, including modernization initiatives such as directory consolidation, hybrid identity adoption, and machine identity governance improvements.
  • Manage platform backlog, priorities, and engineering delivery in alignment with the product operating model and agile delivery practices.
  • Partner with IAM leadership to ensure directory and certificate platforms support broader identity governance, authentication, and privileged access strategies.
  • Lead engineering and operational oversight of the enterprise directory services infrastructure, including Active Directory multi-domain and multi-forest environments.
  • Ensure reliability, scalability, and security of enterprise directory infrastructure including domain controllers, replication topology, DNS integration, and group policy architecture.
  • Establish engineering standards for directory architecture, operational stability, and platform resilience.
  • Oversee platform lifecycle management including patching, upgrades, monitoring, and disaster recovery planning.
  • Manage the enterprise PKI ecosystem, ensuring secure certificate issuance, validation, renewal, and revocation processes.
  • Lead hybrid identity architecture integrating Active Directory with Microsoft Entra ID and cloud identity services.
  • Oversee identity synchronization, federation, and identity lifecycle processes across on-premise and cloud environments.
  • Partner with cloud engineering teams to enable secure identity integration for enterprise applications, SaaS platforms, and cloud infrastructure.
  • Enable application and DevOps teams with secure identity and certificate services required for modern development pipelines.
  • Lead the enterprise machine identity and certificate lifecycle management program, including governance of Venafi or equivalent CLM platforms.
  • Maintain centralized governance and inventory of machine identities and certificates across infrastructure, applications, APIs, and network devices.
  • Reduce operational and security risks related to certificate expiration, unmanaged certificates, and machine identity sprawl.
  • Integrate certificate lifecycle management capabilities into enterprise infrastructure and DevOps pipelines.
  • Oversee integration and secure operation of Hardware Security Modules (HSMs) used for certificate authority and cryptographic key protection.
  • Strengthen the security posture of identity infrastructure platforms, including Active Directory, Entra ID, and PKI services.
  • Partner with the Security Operations Center (SOC) and cyber defense teams to monitor and respond to identity-related threats and anomalies.
  • Establish monitoring and alerting for identity infrastructure anomalies, suspicious authentication activity, and potential directory compromise scenarios.
  • Respond to and lead investigations involving identity compromise, privilege escalation, and misconfiguration.
  • Drive automation initiatives across directory services, identity infrastructure, and certificate lifecycle management platforms.
  • Implement Infrastructure as Code (IaC), scripting frameworks, and API-driven automation for identity infrastructure provisioning and management.
  • Lead the adoption of DevSecOps practices to improve operational efficiency and platform security.
  • Improve platform resilience through proactive monitoring, reliability engineering, and disaster recovery planning.
  • Partner with enterprise architecture, cybersecurity, infrastructure, and cloud engineering teams to align identity services with enterprise technology strategy.
  • Support integration of directory and certificate services with enterprise IAM platforms and identity governance solutions.
  • Provide subject matter expertise to application teams on identity infrastructure, certificate management, and secure authentication integrations.
  • Represent directory services and machine identity platforms in enterprise security reviews, architecture boards, and transformation initiatives.

Benefits

  • health insurance
  • wellness and family support programs
  • life and disability insurance
  • retirement savings plans
  • paid leave programs
  • education related programs
  • paid holidays and vacation time