Technical Lead - Privileged Access Management

Job Description

Technical Lead - Privileged Access Management 

The Big Picture

Sysco LABS is the Global In-House Center of Sysco Corporation (NYSE: SYY), the world’s largest foodservice company. Sysco ranks 56th in the Fortune 500 list and is the global leader in the trillion-dollar foodservice industry.  

Sysco employs over 75,000 associates, has 337 smart distribution facilities worldwide and over 14,000 IoT-enabled trucks serving 730,000 customer locations. For fiscal year 2025 that ended June 29, 2025, the company generated sales of more than $81.4 billion.   

Sysco LABS Sri Lanka delivers the technology that powers Sysco’s end-to-end operations.     

Sysco LABS’ enterprise technology is present in the end-to-end foodservice journey, enabling the sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, the delivery of food and supplies to Sysco’s global network and the in-restaurant dining experience of the end-customer. 

The Opportunity

​​​Sysco is looking for a skilled, self-motivated enterprising Technical Lead - Privileged Access Management to join our global Cybersecurity Team. In this role, you will be a part of a team of engineers to support Sysco’s enterprise-wide Privileged Access Management (PAM) infrastructure, ensuring secure access for over 80,000 global users. You will implement and manage Privileged Accounts (human and non-human identities) for Privileged users and applications using PAM solutions (CyberArk, HashiCorp) to provide expert guidance on privileged access, key management, digital certificates, and APIs. This role operates as a team player collaborating with other team members to contribute towards building our world-class Cybersecurity Organization.   

​Sysco invites motivated and forward-thinking candidates to apply for this pivotal role within our organization. Join us in leading the way in identity governance and play a crucial part in the security and efficiency of our operations. This is a highly visible Cybersecurity role where you will be a part of Sysco’s rapid transformation through mergers and acquisitions into a global industry leader.​ ​This is an ​​individual contributor​ role. 

​​This is a hybrid remote and office-based role, aligning with the local job requirement guidelines (Primary shift: [7:30 PM-3:30 AM SLST, 9:00 AM-5:00 PM CDT] with flexibility). ​It may require working in a shift rotation to offer global on-call coverage. Most work is performed Monday to Friday virtually using collaboration tools and video conferencing. You’ll be part of a high-performing, security-driven team that values innovation, delivery excellence, and continuous learning. ​ ​ ​ 

Responsibilities:

• ​​Planning, Designing and implementing PAM solutions at global enterprise​ 
• ​​Providing recommendations for Sysco’s corporate and international infrastructure and security requirements to determine the best approach for PAM implementation and operation 
• ​​Collaborating with cross-functional teams (e.g. Cyber, networking, Compliance, Audit, End User Technology) across geographic locations to define the scope, timelines, and deliverables of the implementation project 
• ​​Configuring and customizing PAM components to meet the organization's specific needs and requirements 
• ​​Conducting testing and troubleshooting to ensure the successful deployment and operation of PAM solutions across Sysco enterprise​ 
• ​​Collaborating with application owners and stakeholders to understand their privileged account requirements and onboard applications onto the PAM platform 
• ​​Defining and enforcing access controls and policies for privileged accounts within the PAM solution 
• ​​Providing world-class customer service to Sysco’s internal customers responding to incidence management (ServiceNow) through troubleshooting​ 

Requirements:

• ​A ​​​Bachelor’s Degree in Computer Science, Information Systems, Engineering, or a related field; or equivalent work experience 
• ​​​Overall, 5 to 7 years of experience in the IT industry with a minimum of 3-5 years in Privileged Access Management (PAM) with experience in CyberArk Tools (Vault, CONJUR, EPM) and Hashi Vault​ 
• ​Extensive Hands-On experience in end-to-end implementation, configuration, and administration of privileged access management (PAM) solutions such as CyberArk Vault, CyberArk Workforce Password Management (WPM) CyberArk End Point Manager (EPM) and/or HashiCorp Vault 
• ​Knowledge of Cybersecurity principles, best practices and NIST standards, with focus on securing privileged access, key management, human and machine identities, Infrastructure as Code (e.g. Terraform) 
• ​Strong experience in Incident management using Tools like ServiceNow 
• ​Hands-on experience in integration of privileged management solutions (CyberArk Vault) with technologies such as Active Directory, SAML, SMTP and NTP 
• ​Familiarity with SailPoint and SIEM Tools (Datadog, MS Sentinel, HP ArcSight) to support integration with CyberArk Vault 
• ​Strong understanding of Cloud technologies AWS/Azure/GCP infrastructure 
• ​Excellent oral and written communication skills, with the ability to engage with stakeholders across the global workforce 
• ​​Certifications in Cyber Security​ 
• ​Incident management using Tools like ServiceNow, monitoring Tools like Datadog and MS Sentinel 
• ​Proficiency with authentication and authorization protocols including SAML, OIDC, OAuth2, WS-Fed, Kerberos, and NTLM 
• ​PowerShell, Python, REST API for automation in CyberArk Vault tasks, reporting etc.  
• ​CyberArk Vault (On-Prem and SaaS) supporting global enterprises 
• ​CyberArk Workforce Password Management (WPM) and CyberArk End Point Manager (EPM), CyberArk CONJUR solutions 
• ​HashiCorp Vault, Terraform, Dev Ops Tools (Kubernetes, Jenkins etc.) 
• ​Integration of privileged management solutions (CyberArk Vault) with tools such as Active Directory, AWS/Azure/GCP, SAML, SMTP and NTP 
• ​Secrets management using Tools like Hashi Corp Vault, AWS Secrets Manager 
• Performance rewards and recognition 
• Agile Benefits - special allowances for Health, Wellness & Academic purposes 
• Comprehensive Health & Life Insurance Cover - extendable to parents and in-laws 
• Overseas travel opportunities and exposure to client environments 
• Sysco LABS is an Equal Opportunity Employer. 
• ​Secrets management using Tools like Hashi Corp Vault, AWS Secrets Manager 
• Performance rewards and recognition 
• Agile Benefits - special allowances for Health, Wellness & Academic purposes 
• Comprehensive Health & Life Insurance Cover - extendable to parents and in-laws 
• Overseas travel opportunities and exposure to client environments 
• Sysco LABS is an Equal Opportunity Employer. 

Benefits:

• Us Dollar-Linked Compensation

• Performance-Based Annual Bonus

• Entertainment Allowance

• Team Engagement Allowance

• Hybrid Work Arrangement