採用

Technical Lead - Privileged Access Management

Sysco

Sysco LABS - Sri Lanka

On-site

Full-time

5d ago

JOB DESCRIPTION

Technical Lead

Privileged Access Management

The Big Picture

Sysco LABS is the Global In-House Center of Sysco Corporation (NYSE: SYY), the world’s largest foodservice company. Sysco ranks 56th in the Fortune 500 list and is the global leader in the trillion-dollar foodservice industry.

Sysco employs over 75,000 associates, has 337 smart distribution facilities worldwide and over 14,000 IoT-enabled trucks serving 730,000 customer locations. For fiscal year 2025 that ended June 29, 2025, the company generated sales of more than $81.4 billion.

Sysco LABS Sri Lanka delivers the technology that powers Sysco’s end-to-end operations.

Sysco LABS’ enterprise technology is present in the end-to-end foodservice journey, enabling the sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, the delivery of food and supplies to Sysco’s global network and the in-restaurant dining experience of the end-customer.

The Opportunity

Sysco is looking for a skilled, self-motivated enterprising Technical Lead

Privileged Access Management to join our global Cybersecurity Team. In this role, you will be a part of a team of engineers to support Sysco’s enterprise-wide Privileged Access Management (PAM) infrastructure, ensuring secure access for over 80,000 global users. You will implement and manage Privileged Accounts (human and non-human identities) for Privileged users and applications using PAM solutions (Cyber Ark, Hashi Corp) to provide expert guidance on privileged access, key management, digital certificates, and APIs. This role operates as a team player collaborating with other team members to contribute towards building our world-class Cybersecurity Organization.

Sysco invites motivated and forward-thinking candidates to apply for this pivotal role within our organization. Join us in leading the way in identity governance and play a crucial part in the security and efficiency of our operations. This is a highly visible Cybersecurity role where you will be a part of Sysco’s rapid transformation through mergers and acquisitions into a global industry leader. This is an individual contributor role.

This is a hybrid remote and office-based role, aligning with the local job requirement guidelines (Primary shift: 7:30 PM-3:30 AM SLST, 9:00 AM-5:00 PM CDT with flexibility). It may require working in a shift rotation to offer global on-call coverage. Most work is performed Monday to Friday virtually using collaboration tools and video conferencing. You’ll be part of a high-performing, security-driven team that values innovation, delivery excellence, and continuous learning.

Responsibilities:

Planning, Designing and implementing PAM solutions at global enterprise
Providing recommendations for Sysco’s corporate and international infrastructure and security requirements to determine the best approach for PAM implementation and operation
Collaborating with cross-functional teams (e.g. Cyber, networking, Compliance, Audit, End User Technology) across geographic locations to define the scope, timelines, and deliverables of the implementation project
Configuring and customizing PAM components to meet the organization's specific needs and requirements
Conducting testing and troubleshooting to ensure the successful deployment and operation of PAM solutions across Sysco enterprise
Collaborating with application owners and stakeholders to understand their privileged account requirements and onboard applications onto the PAM platform
Defining and enforcing access controls and policies for privileged accounts within the PAM solution
Providing world-class customer service to Sysco’s internal customers responding to incidence management (Service Now) through troubleshooting

Requirements:

A Bachelor’s Degree in Computer Science, Information Systems, Engineering, or a related field; or equivalent work experience
Overall, 5 to 7 years of experience in the IT industry with a minimum of 3-5 years in Privileged Access Management (PAM) with experience in Cyber Ark Tools (Vault, CONJUR, EPM) and Hashi Vault
Extensive Hands-On experience in end-to-end implementation, configuration, and administration of privileged access management (PAM) solutions such as Cyber Ark Vault, Cyber Ark Workforce Password Management (WPM) Cyber Ark End Point Manager (EPM) and/or Hashi Corp Vault
Knowledge of Cybersecurity principles, best practices and NIST standards, with focus on securing privileged access, key management, human and machine identities, Infrastructure as Code (e.g. Terraform)
Strong experience in Incident management using Tools like Service Now
Hands-on experience in integration of privileged management solutions (Cyber Ark Vault) with technologies such as Active Directory, SAML, SMTP and NTP
Familiarity with Sail Point and SIEM Tools (Datadog, MS Sentinel, HP Arc Sight) to support integration with Cyber Ark Vault
Strong understanding of Cloud technologies AWS/Azure/GCP infrastructure
Excellent oral and written communication skills, with the ability to engage with stakeholders across the global workforce
Certifications in Cyber Security
Incident management using Tools like Service Now, monitoring Tools like Datadog and MS Sentinel
Proficiency with authentication and authorization protocols including SAML, OIDC, OAuth2, WS-Fed, Kerberos, and NTLM
PowerShell, Python, REST API for automation in Cyber Ark Vault tasks, reporting etc.
Cyber Ark Vault (On-Prem and SaaS) supporting global enterprises
Cyber Ark Workforce Password Management (WPM) and Cyber Ark End Point Manager (EPM), Cyber Ark CONJUR solutions
Hashi Corp Vault, Terraform, Dev Ops Tools (Kubernetes, Jenkins etc.)
Integration of privileged management solutions (Cyber Ark Vault) with tools such as Active Directory, AWS/Azure/GCP, SAML, SMTP and NTP
Secrets management using Tools like Hashi Corp Vault, AWS Secrets Manager