City : Sant Just Desvern
State : Barcelona (ES-B)
Country : Spain (ES)
Requisition Number : 45017
Overview:
The PAM Specialist is part of the broader Bunge Global Identity and Access Management (IAM) team. You will play a central role in supporting and evolving our Privileged Access Management (PAM) platform, a critical component of our cybersecurity posture. This position is primarily focused on ensuring the stability, security, and integration of privileged access services across a complex, global environment.
You will work closely with directory and authentication platforms such as Active Directory and Entra ID, ensuring seamless integration between PAM and core identity services. In this role, you will directly contribute to strengthening privileged access controls and advancing identity foundations within a hybrid enterprise landscape.
This position offers a unique opportunity to work on privileged access at a global scale, where PAM is a critical control for cybersecurity and compliance. You will play a direct role in strengthening the organization’s security posture while contributing to broader identity modernization initiatives.
You will operate in a highly complex international environment, collaborating with global teams and contributing to initiatives with direct visibility within cybersecurity leadership.
Main Responsibilities
Support and operate global Privileged Access Management (PAM) services, ensuring high availability, security, and performance
Manage and maintain directory services including Active Directory and Microsoft Entra ID, with a focus on enabling secure privileged access
Integrate PAM solutions with core identity services to ensure consistent and controlled management of privileged accounts across on-premises and cloud environments
Manage privileged account onboarding, access provisioning, session management, and credential lifecycle processes
Design and implement automation use cases for PAM operations, such as, Automated onboarding and offboarding of privileged accounts, Credential rotation and password vault synchronization, Just-in-time (JIT) privileged access provisioning Session initiation, monitoring and termination workflows
Integration with ticketing systems (e.g., ServiceNow) for access requests and approvals
Oversee and optimize domain services such as authentication, replication, and domain trust relationships, in support of privileged access use cases
Support identity capabilities including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and enterprise application integrations where they intersect with privileged access
Troubleshoot and resolve complex issues related to PAM, directory services, and authentication mechanisms
Collaborate with cybersecurity and infrastructure teams to enforce privileged access controls, audit requirements, and security best practices
Contribute to ongoing PAM enhancements, automation initiatives, and operational efficiency improvements
Explore opportunities for using Artificial Intelligence (AI) within the scope of IAM.
Education & Experience
Typically a Bachelor's degree in Computer Science, Information Technology, or a related technical field. A Master's degree is a plus
5+ years of progressively responsible experience in PAM and Directory Services within a large, global enterprise environment
Working knowledge of PAM platforms (e.g., CyberArk, Okta, Segura)
Strong understanding of PAM concepts including privileged account lifecycle, vaulting, session management, credential rotation, and least privilege enforcement
Experience building or supporting automation within PAM environments, preferably using scripting (e.g., PowerShell) or API integrations
Experience integrating PAM solutions with Active Directory, Entra ID, and enterprise applications
Knowledge of privileged access controls, audit logging, and compliance requirements (e.g., SOX, internal audit)
Relevant industry certifications such as MCSE: Core Infrastructure, Azure Administrator Associate, CISSP, ITIL Foundation, or equivalent are highly desirable
Solid understanding of DNS, DHCP, Group Policy, LDAP, and Kerberos protocols
Strong proficiency in scripting languages (e.g., PowerShell) for automation, administration, and reporting
In-depth knowledge of Identity and Access Management (IAM) principles and best practices, particularly related to privileged access, MFA, and authentication
Languages
- English (professional) required
- Other languages (e.g., Spanish) are a plus
#LI-MŚ1
At Bunge (NYSE: BG), our purpose is to connect farmers to consumers to deliver essential food, feed and fuel to the world. As a premier agribusiness solutions provider, our team of ~37,000 dedicated employees partner with farmers across the globe to move agricultural commodities from where they’re grown to where they’re needed—in faster, smarter, and more efficient ways. We are a world leader in grain origination, storage, distribution, oilseed processing and refining, offering a broad portfolio of plant-based oils, fats, and proteins. We work alongside our customers at both ends of the value chain to deliver quality products and develop tailored, innovative solutions that address evolving consumer needs. With 200+ years of experience and presence in over 50 countries, we are committed to strengthening global food security, advancing sustainability, and helping communities prosper where we operate. Bunge has its registered office in Geneva, Switzerland and its corporate headquarters in St. Louis, Missouri. Learn more at Bunge.com.
Every day our people exemplify these values, which represent Bunge at its core:
- We Are One Team – Collaborative, Respectful, Inclusive
- We Lead The Way – Agile, Empowered, Innovative
- We Do What’s Right – Safety, Sustainability, With Integrity
If this sounds like you, join us! We value and invest in people who believe in our purpose and are excited to live it every day – people who are #ProudtoBeBunge
Job Segment: Agricultural, Computer Science, ERP, Internal Audit, Cyber Security, Agriculture, Finance, Technology, Security
