Job Description

Are You Ready to Make It Happen at Mondelēz International?

Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.

You will serve as a senior technical expert for Mondelēz International’s Ping Identity Access Platform, acting as a hands-on subject matter expert across PingFederate, PingID MFA, and Ping Directory. In this role, you will design, operate, and evolve a secure, scalable authentication and federation platform that enables seamless access across the enterprise. Operating within a Product & Platform operating model, you will balance day-to-day operational excellence with long-term platform health, resiliency, and modernization. You will lead complex integrations and legacy migrations, provide technical leadership during major incidents, and continuously enhance the platform to align with Zero Trust principles, security best practices, and business needs.

How you will contribute

You will collaborate closely with Engineering, architecture, security, and application teams to deliver a reliable and resilient identity platform at global scale. Your work will focus on platform stability, secure-by-design integrations, continuous improvement, and automation, while ensuring the Ping platform evolves as a strategic enterprise capability rather than a collection of point solutions. You will take ownership of platform enhancements, global changes, and operational outcomes, ensuring the Ping ecosystem consistently meets performance, availability, and security expectations.

What you will bring

• Act as subject matter expert (SME) for PingFederate, PingID MFA, and Ping Directory, providing hands-on technical leadership for complex integrations, legacy migrations, and platform enhancements.
• Perform day-to-day technical operations and execution for PingFederate, PingID MFA, and Ping Directory services.
• Design, implement, and maintain SAML, OAuth 2.0, and OpenID Connect (OIDC) integrations to enable secure Single Sign-On (SSO) across enterprise applications.
• Support new application onboarding, including:
  • Configuration and maintenance of SP/IdP connections and authentication adapters (HTML Form, LDAP, MFA, Kerberos, custom adapters).
  • Authentication policy design, selectors, contract mappings, and claim transformations.
  • Certificate lifecycle management (signing and encryption certificates, trust stores).
  • Validation of user attributes and claims.
• Serve as a senior escalation point for critical, high-severity authentication and SSO incidents, ensuring rapid stabilization and clear root-cause resolution.
• Monitor, analyze, and troubleshoot Ping platform health, availability, and performance, including:
  • Deep troubleshooting of SAML, OAuth 2.0, OIDC, and WS-Fed flows.
  • JVM analysis (thread dumps, heap dumps, memory utilization, performance bottlenecks).
  • Log and metric analysis across PingFederate, PingID, and Ping Directory.
  • Coordination with Ping Identity support for complex defects and product issues.
• Collaborate with application and IT teams to integrate secure, user-friendly SSO and MFA into core enterprise platforms.
• Provide operational support for SSO, MFA, and directory services, including:
  • Monitoring service availability and performance.
  • Supporting HA/DR architectures, clustering, and load balancing.
  • Executing approved configuration changes and service restarts.
  • Supporting upgrades, hotfixes, and emergency patches with pre- and post-deployment validation.
• Design and implement advanced OAuth capabilities, including token exchange, fine-grained scopes, and JWT customization.
• Drive continuous improvement through automation of recurring operational tasks and enhancement of platform reliability and scalability.
• Mentor and coach junior team members, sharing knowledge and strengthening overall team capability.
• Present identity and security concepts, platform roadmaps, and improvement initiatives to technical and non-technical audiences.
• Partner with stakeholders to define security requirements based on risk analysis, architectural standards, and industry best practices.
• Support compliance activities, including audit evidence collection, access reviews, and remediation of IAM-related findings.
• Prioritize and balance workload based on severity, risk, and delivery timelines.
• Make informed, risk-based recommendations when deviations from standards are required, including defining compensating controls.
• Participate actively in problem, change, and release management forums, including:
  • Root cause analysis (RCA) of recurring issues.
  • Definition of permanent fixes and preventive controls.
  • Creation and maintenance of knowledge base articles, SOPs, and runbooks.
  • Investigation of security incidents and anomalous authentication behavior.
• Drive vendor accountability and ensure SLA/OLA adherence for contracted support services.
• Define and maintain monitoring, alerting, and observability standards for the Ping platform.
• Maintain high-quality technical documentation, including:
  • Architecture and integration diagrams
  • Platform standards and design patterns
  • Operational runbooks and support procedures

More about this role

What you need to know about this position:

 

Skills and Qualifications

• 7+ years of hands-on experience implementing and operating PingFederate, PingID MFA, and Ping Directory.
• Strong technical leadership with deep, hands-on expertise in PingFederate and PingID MFA.
• Experience with Active Directory and/or Microsoft Entra ID (Azure AD) preferred.
• Strong understanding of authentication, federation, MFA, and directory services.
• Solid knowledge of certificate lifecycle management, SSL/TLS, and cryptographic fundamentals.
• Expertise in IAM protocols and standards: SAML, OAuth 2.0, OpenID Connect, SCIM.
• Proficiency in scripting or programming for automation and integrations (e.g., PowerShell, Java, C#).
• Experience with cloud IAM platforms (Azure, AWS, Google Cloud).
• Familiarity with Agile, DevSecOps, and ITIL practices.
• Excellent written and verbal communication skills, with the ability to influence diverse stakeholders.
• Strong interpersonal skills with a customer-centric mindset.
• Proven ability to perform in high-pressure, time-critical situations.
• Strong analytical, organizational, and problem-solving skills.
• Ability to thrive in a fast-paced environment with shifting priorities.
• Commitment to continuous learning and professional development.

Bonus Points

• ISC2 certifications like CISSP, CCSP
• Ping Certifications
• ITIL 4 Foundations Certification
• Other IAM products certifications

No Relocation support available

Business Unit Summary

At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.

We have a rich portfolio of strong brands globally and locally including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum.

Our 80,000 makers and bakers are located in more than 80 countries and we sell our products in over 150 countries around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen—and happen fast.

Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Job Type

Regular

Information Security

Technology & Digital