[Hiring] Cybersecurity Privileged Access Management (PAM) Engineer @Stefanini EMEA

Role Description

The Cybersecurity PAM Engineer is responsible for the design, implementation, operation, and continuous improvement of Privileged Access Management (PAM) capabilities, with a strong focus on secure remote access, least privilege enforcement, and zero-trust access models.

• Serve as Cyolo and SRA/PAM Security Subject Matter Expert.
• Lead technical design, workshops and engineering reviews.
• Integrate PAM solutions with SIEM Platforms, SOAR, ITSM, Cloud (Azure, AWS or GCP), DevOps tools and CI/CD pipelines.
• Mentor Juniors & Support Security Operations.
• Key technical activities include:
• Secure remote access, deployment and configuration.
• Zero Trust design using Cyolo.
• Application-level access control without network exposure.
• Define access policies aligned with least privilege.
• Integration with identity providers (IdPs).
• Support SOC and operations teams with Cyolo-generated telemetry.
• Privileged account lifecycle management.
• Just-in-Time (JIT) and Just-Enough-Access (JEA).
• Privileged session management (PSM).
• Credential vaulting and rotation.
• Service accounts and non-human identities.
• Break-glass and emergency access design.
• Segregation of duties (SoD).

Qualifications

• 6+ years of experience in cybersecurity or infrastructure security roles with at least 4+ years of hands-on PAM experience in enterprise environments.
• Experience with the Cyolo solution is strongly preferred.
• Proven experience implementing and operating:
• Privileged user access controls
• Secure remote access solutions
• Least privilege and zero trust access models.
• Experience working across:
• On-prem environments
• Cloud and SaaS platforms
• Hybrid or segmented networks (IT / OT is a strong plus).
• Integration & Automation experience:
• Demonstrated expertise in integrating PAM solutions with SIEM platforms, SOAR, ITSM systems, and cloud environments (Azure, AWS, or GCP), as well as with DevOps tools and CI/CD pipelines.
• PowerShell and/or Python scripting.
• Understanding of REST APIs.
• Experience with automating account onboarding, credential rotation, access reviews and reporting and evidence collection.

Requirements

• Analytical mind with evaluative and problem-solving abilities, able to define technical solutions aligned with client's business problems at an architectural and design level of detail.
• Excellent at communicating technical problems and solutions to both technical and non-technical audiences.
• Able to effectively undertake challenges and have experience in leading a project and teams in a complex environment.
• Ability to manage multiple priorities and meet deadlines.
• High degree of initiative, dependability and ability to work with little supervision.
• Excellent written and verbal communication skills in English.
• Availability for on-call.

Benefits

• Preferable certifications and experience (not mandatory):
• Cyolo certifications or formal training.
• Cybersecurity certifications.
• Experience with additional PAM platforms (CyberArk, BeyondTrust, Delinea).
• Cloud security certifications (Azure, AWS, GCP).
• Exposure to OT or regulated environments.