Cybersecurity PAM Engineer (Cyolo)

Job Description

Stefanini Group is seeking a skilled Cybersecurity PAM Engineer to join our Infrastructure Services Division, within the Cybersecurity Services Tower, with direct-colleagues stretching remotely across North America, Europe and Asia, delivering high end security services to global customers.

The Cybersecurity PAM Engineer is responsible for the design, implementation, operation, and continuous improvement of Privileged Access Management (PAM) capabilities, with a strong focus on secure remote access, least privilege enforcement, and zero-trust access models.

This role will act as a technical authority for PAM solutions, with a high preference for hands-on experience with Cyolo solution, supporting both IT and hybrid IT/OT environments. The engineer will also contribute to architecture decisions, and ensure PAM controls align with security, compliance, and operational requirements.

A commitment to being available for on-call responsibilities is required to ensure timely response and support when needed.

Job Responsibilities:

• Serve as Cyolo and SRA/PAM Security Subject Matter Expert.
• Lead technical design, workshops and engineering reviews.
• Integrating PAM solutions with SIEM Platforms, SOAR, ITSM, Cloud (Azure, AWS or GCP), DevOps tools and CI/CD pipelines.
• Mentor Juniors & Support Security Operations.
• Key technical activities:
• Secure remote access, deployment and configuration.
• Zero Trust design using Cyolo.
• Application-level access control without network exposure.
• Define access policies aligned with least privilege.
• Integration with identity providers (IdPs).
• Support SOC and operations teams with Cyolo-generated telemetry
• Privileged account lifecycle management.
• Just-in-Time (JIT) and Just-Enough-Access (JEA).
• Privileged session management (PSM).
• Credential vaulting and rotation.
• Service accounts and non-human identities.
• Break-glass and emergency access design.
• Segregation of duties (SoD).
  

Job Requirements

Required Experience:

• 6+ years of experience in cybersecurity or infrastructure security roles with at least 4+ years of hands-on PAM experience in enterprise environments.
• Experience with the Cyolo solution is strongly preferred.
• Proven experience implementing and operating:
• Privileged user access controls
• Secure remote access solutions
• Least privilege and zero trust access models.
• Experience working across:
• On-prem environments
• Cloud and SaaS platforms
• Hybrid or segmented networks (IT / OT is a strong plus).
• Integration & Automation experience:
• Demonstrated expertise in integrating Privileged Access Management (PAM) solutions with SIEM platforms, SOAR, ITSM systems, and cloud environments (Azure, AWS, or GCP), as well as with DevOps tools and CI/CD pipelines.
• PowerShell and/or Python scripting.
• Understanding of REST APIs.
• Experience with automating account onboarding, credential rotation, access reviews and reporting and evidence collection.
  
  

Professional competencies and necessary qualifications:

• Analytical mind with evaluative and problem-solving abilities, able to define technical solutions aligned with client's business problems at an architectural and design level of detail.
• Excellent at communicating technical problems and solutions to both technical and non-technical audiences.
• Able to effectively undertake challenges and have experience in leading a project and teams in a complex environment.
• Ability to manage multiple priorities and meet deadlines.
• High degree of initiative, dependability and ability to work with little supervision.
• Excellent written and verbal communication skills in English.
• Availability for on-call.
  
  

Preferable certifications and experience (not mandatory):

• Cyolo certifications or formal training.
• Cybersecurity certifications.
• Experience with additional PAM platforms (CyberArk, BeyondTrust, Delinea).
• Cloud security certifications (Azure, AWS, GCP).
• Exposure to OT or regulated environments.
  
  

What's next:

It's best to apply today, because job postings can be taken down and we wouldn't want you to miss this opportunity. In case you need further information, just send us a message at [email protected] and we'll be happy to assist!

The preceding job description had been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties and responsibilities required of employees assigned to this job.

Diversity & Inclusion

Here at the Stefanini Group, we value plurality and equity, regardless of race, sexual orientation, disability, age, ancestry, religion, gender, and nationality. We understand and encourage the importance of being you!

About Us

We are the Stefanini group, a global tech consulting company of Brazilian origin that believes in the power of people to transform businesses through technology.

We are present in over 40 countries and operate with the purpose of co-creating solutions TOGETHER WITH OUR CLIENTS that accelerate results and improve the experience of people and organizations.

Here, we like to say that technology is not the end, but the means: what really matters are the people who drive it all.

Our mindset is AI First, meaning we invest in cutting-edge technology in everything we do, focusing on results for our clients.

We are a company, A GROUP, that breathes collaboration and offers a dynamic environment where you will learn by doing, grow alongside the team, and have space to contribute with ideas and projects.

More than just talking about digital transformation, we believe in real transformation that starts with people and impacts real businesses.

If you are looking for a place to develop, innovate, and be part of something bigger, the Stefanini Group is your place.

We want to inform you that there are currently scams targeting job seekers by falsely using our company's name, Stefanini. We sincerely apologize for any confusion or inconvenience this may have caused.

Please remember that legitimate job offers from Stefanini will always come through official channels, including direct communication with our trained recruiters. If you receive any unsolicited messages requesting payment or personal information, please disregard them.

If you suspect you've been targeted, please contact us immediately at [email protected] for verification.

Key Points to Remember:

• Legitimate job offers only follow interviews conducted with our hiring managers or clients.
• We will never ask for payment at any stage of the recruitment process.
  
  

Stay vigilant and feel free to reach out for verification. Your safety and security are our top priorities. Thank you for your understanding and cooperation.