Director, Cyber Defense & Engineering

Aramark

  • Philadelphia, PA
  • Permanent
  • Full-time
  • 9 days ago
Job DescriptionThe Director, Cyber Defense & Engineering postion is Located in Philadelphia, PA, reporting to the CISO.The Director of Cyber Defense & Engineering is accountable for proactive reduction of organizational risk through operational excellence, exposure reduction, and technology alignment. The function the leader oversees manages the threat lifecycle — from detection and analysis through response, tuning, and hardening — while maintaining visibility across internal and external attack surfaces. Additionally, the Director ensures effective partnership and accountability with third-party security providers.This role oversees four critical subfunctions — Attack Surface Management, Threat Intelligence, Incident Response, and SOC Oversight — and ensures they operate as an integrated, risk-aligned defense program.The ideal candidate combines deep technical expertise with proven leadership skills to align operations with business priorities, manage third-party providers, and continuously reduce enterprise exposure.Job ResponsibilitiesStrategic Leadership
  • Translate enterprise cybersecurity strategy into actionable operational defense programs aligned to risk, resilience, and growth.
  • Provide direction and oversight across the four subfunctions, ensuring they operate as an integrated lifecycle (threat detection → analysis → tuning → hardening).
  • Partner with Infrastructure, Identity & Access Management, Risk & Resiliency, Applications, and business stakeholders to drive shared accountability for enterprise risk reduction.
Core Functional LeadershipLead a lean team toward success in the following areas:
  • Attack Surface Management (ASM)
  • Oversee asset discovery, vulnerability coordination, and enterprise exposure monitoring (e.g., Qualys, Wiz, BitSight).
  • Drive remediation playbooks, exception handling, and purple team/pentest follow-through.
  • Threat Intelligence & Incident Response
  • Curate and contextualize threat intelligence; feed insights into engineering and ASM practices.
  • Lead internal coordination of incident response for high-severity events.
  • Detection & Security Engineering
  • Ensure effective tuning and configuration of security tooling (CrowdStrike, BloxOne, Defender, etc.).
  • Ensure maintenance of secure configuration baselines, drive automation adoption, and drive IT teams toward systemic fixes to recurring issues.
  • SOC Oversight
  • Act as primary liaison to third-party SOC/MSSP for escalation quality, SLA management, and continuous improvement.
  • Feed internal context (asset criticality, business logic) into SOC playbooks to reduce noise and improve detection accuracy.
Operational Excellence
  • Build and lead a lean, high-performing team with measurable accountability for outcomes, not just tasks.
  • Champion automation, hygiene, and root cause elimination to scale effectiveness without bloating headcount.
  • Develop metrics and dashboards to demonstrate protection level agreements (PLAs), detection coverage, and enterprise risk reduction.
Qualifications
  • 10+ years of progressive cybersecurity/IT risk experience, including at least 5 years in leadership roles.
  • Proven track record managing SOCs, MSSPs, or threat detection/response functions.
  • Strong expertise in vulnerability management, endpoint detection and response (EDR), SIEM/SOAR, and enterprise security baselining.
  • Deep understanding of frameworks such as NIST CSF, MITRE ATT&CK, and CIS Controls.
  • Experience driving automation and security engineering initiatives in large, complex enterprises.
Success Profile
  • Risk-Aligned: Prioritizes based on business risk and enterprise impact.
  • Proactive: Focuses on automation, hygiene, and reducing noise before it becomes risk.
  • Collaborative: Operates through shared accountability with IT, business units, and vendors.
  • Accountable: Owns measurable risk reduction outcomes.
  • Pragmatic: Makes right-sized decisions aligned with organizational maturity and capacity.
Why JoinThis is a unique opportunity to lead one of the most business-critical cybersecurity defense functions in a global, $20B+ organization. You’ll build and evolve a lean but high-impact team, directly influencing resilience, growth, and trust across all lines of business and international markets.About AramarkOur MissionRooted in service and united by our purpose, we strive to do great things for each other, our partners, our communities, and our planet.At Aramark, we believe that every employee should enjoy equal employment opportunity and be free to participate in all aspects of the company. We do not discriminate on the basis of race, color, religion, national origin, age, sex, gender, pregnancy, disability, sexual orientation, gender identity, genetic information, military status, protected veteran status or other characteristics protected by applicable law.About AramarkThe people of Aramark proudly serve millions of guests every day through food and facilities in 15 countries around the world. Rooted in service and united by our purpose, we strive to do great things for each other, our partners, our communities, and our planet. We believe a career should develop your talents, fuel your passions, and empower your professional growth. So, no matter what you're pursuing - a new challenge, a sense of belonging, or just a great place to work - our focus is helping you reach your full potential. Learn more about working here at or connect with us on , and .

Aramark