Details:
Job Description
Stefanini Group is seeking a skilled
Cybersecurity PAM Engineer to join our Infrastructure Services Division, within the Cybersecurity Services Tower, with direct-colleagues stretching remotely across North America, Europe and Asia, delivering high end security services to global customers.
The Cybersecurity PAM Engineer is responsible for the design, implementation, operation, and continuous improvement of Privileged Access Management (PAM) capabilities, with a strong focus on secure remote access, least privilege enforcement, and zero-trust access models.
This role will act as a technical authority for PAM solutions, with a
high preference for hands-on experience with
Cyolo solution, supporting both IT and hybrid
IT/OT environments. The engineer will also contribute to architecture decisions, and ensure PAM controls align with security, compliance, and operational requirements.
A commitment to being available for
on-call responsibilities is required to ensure timely response and support when needed.
Job Responsibilities:
- Serve as Cyolo and SRA/PAM Security Subject Matter Expert.
- Lead technical design, workshops and engineering reviews.
- Integrating PAM solutions with SIEM Platforms, SOAR, ITSM, Cloud (Azure, AWS or GCP), DevOps tools and CI/CD pipelines.
- Mentor Juniors & Support Security Operations.
- Key technical activities:
- Secure remote access, deployment and configuration.
- Zero Trust design using Cyolo.
- Application-level access control without network exposure.
- Define access policies aligned with least privilege.
- Integration with identity providers (IdPs).
- Support SOC and operations teams with Cyolo-generated telemetry
- Privileged account lifecycle management.
- Just-in-Time (JIT) and Just-Enough-Access (JEA).
- Privileged session management (PSM).
- Credential vaulting and rotation.
- Service accounts and non-human identities.
- Break-glass and emergency access design.
- Segregation of duties (SoD).
Job Requirements
Details:
- 6+ years of experience in cybersecurity or infrastructure security roles with at least 4+ years of hands-on PAM experience in enterprise environments.
- Experience with the Cyolo solution is strongly preferred.
- Proven experience implementing and operating:
- Privileged user access controls
- Secure remote access solutions
- Least privilege and zero trust access models.
- Experience working across:
- On-prem environments
- Cloud and SaaS platforms
- Hybrid or segmented networks (IT / OT is a strong plus).
- Integration & Automation experience:
- Demonstrated expertise in integrating Privileged Access Management (PAM) solutions with SIEM platforms, SOAR, ITSM systems, and cloud environments (Azure, AWS, or GCP), as well as with DevOps tools and CI/CD pipelines.
- PowerShell and/or Python scripting.
- Understanding of REST APIs.
- Experience with automating account onboarding, credential rotation, access reviews and reporting and evidence collection.
Professional Competencies And Necessary Qualifications:
- Analytical mind with evaluative and problem-solving abilities, able to define technical solutions aligned with client's business problems at an architectural and design level of detail.
- Excellent at communicating technical problems and solutions to both technical and non-technical audiences.
- Able to effectively undertake challenges and have experience in leading a project and teams in a complex environment.
- Ability to manage multiple priorities and meet deadlines.
- High degree of initiative, dependability and ability to work with little supervision.
- Excellent written and verbal communication skills in English.
- Availability for on-call.
Preferable Certifications And Experience (not Mandatory):
- Cyolo certifications or formal training.
- Cybersecurity certifications.
- Experience with additional PAM platforms (CyberArk, BeyondTrust, Delinea).
- Cloud security certifications (Azure, AWS, GCP).
- Exposure to OT or regulated environments.
