Director, Secure Architecture & Engineering

Our cybersecurity and information security teams at IDEXX contribute to a more resilient adaptable and security-aware enterprise prepared to navigate todays evolving threat landscape. We have complex multi-dimensional programs across the organization that support all the technology needed to deliver products and solutions to customers - enabling them to focus on delivering high quality patient care.

As the Director of Secure Architecture & Engineering at IDEXX you will define and lead the enterprise-wide security architecture strategy and full-stack engineering programs that safeguard our global technology ecosystem. Reporting directly to the Chief Information Security Officer (CISO) this senior technical and strategic leadership role drives secure-by-design principles multi-cloud security application and product security identity and access management infrastructure protection and security automation. You will ensure resilience and scalability through robust architectures strong governance and continuous integration of security across the technology lifecycle.

In this role you will

• Lead the design and lifecycle management of IDEXXs enterprise security architecture including standards reference architectures design patterns and engineering roadmaps across cloud application product infrastructure identity and data domains.
• Direct full-stack security engineering functions spanning cloud security application security infrastructure identity and access management (IAM/PAM/Zero Trust) product security data protection and security platform technologies.
• Embed secure-by-design principles into engineering practices governing SSDLC integration security review boards and enterprise threat modeling programs.
• Partner with executive leadership and global engineering teams to align security architecture and engineering strategies with business objectives product innovation and technology operations.
• Establish and implement secure multi-cloud architectures (AWS Azure GCP) containerized workloads Kubernetes environments and cloud-native security controls.
• Lead application security engineering including SAST/DAST/IAST dependency scanning API security and CI/CD pipeline security automation.
• Govern enterprise identity and access security driving Zero Trust architecture authentication and authorization strategies and identity lifecycle automation.
• Develop and optimize enterprise security platforms including SOAR SIEM detection engineering telemetry pipelines and EDR/XDR integrations for security observability.
• Advance product and IoT security engineering ensuring embedded systems protection firmware assurance and automated product security testing.
• Provide technical leadership for infrastructure and network security including segmentation secure connectivity endpoint protection and hybrid-cloud security.
• Define and enforce data security standards including encryption tokenization and sensitive-data risk mitigation.
• Lead threat modeling and adversary simulation activities collaborating with red teams architecture groups and privacy/legal stakeholders.
• Foster a high-performing security engineering culture emphasizing innovation accountability and secure-by-default decision-making.
• Ensure operational readiness and continuous improvement using lifecycle assurance processes metrics and KPIs.
• Monitor emerging threats and technologies delivering executive insights and actionable architectural guidance.
• Represent IDEXX in security forums and vendor partnerships influencing technology evaluations and advancing IDEXXs global defensive posture.

What You Will Need to Succeed:

• Demonstrated leadership in enterprise security architecture and engineering with proven ability to lead teams and deliver enterprise-scale outcomes in fast-paced environments.
• Deep expertise across multiple security domains including cloud application identity data infrastructure network detection/platform engineering and product/IoT security.
• Experience driving secure-by-design principles SSDLC integration and developing enterprise security standards threat models and architectural frameworks.
• Strong communication skills to translate complex engineering concepts into actionable business decisions and influence cross-functional leadership.
• Preferred Certifications: CISSP CCSP GIAC (GDSA GCSA GWAPT GCPN etc.) and cloud certifications (AWS Azure GCP).
• Bachelors degree in a technical discipline or equivalent work experience

Location: On-site presence required at IDEXX headquarters in Westbrook Maine.

What you can expect from us:

• Base annual salary target: $(yes we do have flexibility if needed)
• Opportunity for annual cash bonus as well as yearly equity award
• Health / Dental / Vision Benefits Day-One
• 5% matching 401k
• Additional benefits including but not limited to financial support pet insurance mental health resources volunteer paid days off employee stock program foundation donation matching and much more!

Why IDEXX

Were proud of the work we do because our work matters. An innovation leader in every industry we serve we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy to ensure safe drinking water for billions and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10000 talented people.

So what does that mean for you We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX you will be supported by competitive compensation incentives and benefits while enjoying purposeful work that drives improvement.

Lets pursue what matters together.

IDEXX values a diverse workforce and workplace and strongly encourages women people of color LGBTQ individuals people with disabilities members of ethnic minorities foreign-born residents and veterans to apply.

IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race color creed sex sexual orientation gender identity or expression age religion national origin citizenship status disability ancestry marital status veteran status medical condition or any protected category prohibited by local state or federal laws.