Principal Platform Engineer (DevOps)

IDEXX DevOps contributes to the success of IDEXX employees and customers by providing scalable innovative solutions and technical leadership. Our PAWS (Productivity Automation Workflow Solutions) team builds and operates the internal developer platforms that IDEXX software teams rely on every day so that engineers across the company can ship faster safer and with confidence.

As a Principal Platform Engineer (DevOps) you bring deep technical ownership to IDEXXs internal developer platforms shaping the direction of our AWS GitHub Enterprise Terraform Cloud and JFrog Artifactory environments alongside a close-knit agile team. You lead from within the team: writing production Python mentoring engineers driving technical decisions and solving the most complex cross-team platform challenges. You are the go-to person for the hardest problems the most ambiguous requirements and the broadest platform questions and you make the engineers around you better in the process.

In this role

You will be responsible for Platform Development & Technical Leadership:

• Own the design and architecture of platform capabilities across AWS Organizations GitHub Enterprise Terraform Cloud and JFrog Artifactory balancing developer experience with security and compliance requirements.
• Architect and implement complex AWS Organizations structures: multi-account governance secure account configuration SCP strategy permission boundaries and account vending pipelines that scale with IDEXXs growth.
• Lead the design of GitHub Enterprise configurations policies and automation ensuring the platform is both highly usable for developers and meets InfoSec and Compliance standards.
• Define Terraform Cloud platform standards: workspace architecture Sentinel policy frameworks module registry strategy and state management patterns.
• Support engineering teams in adopting secure artifact and dependency hosting within JFrog Artifactory
• Write and review production-quality Python setting the standard for code quality testing practices and maintainability on the team.
• Lead and participate in pair programming and code review; your engagement elevates the quality and design thinking of the whole team.
• Identify platform gaps and technical debt and drive initiatives to address them through the backlog and sprint process.

You will be a mentor fostering Team Growth:

• Mentor and coach Senior and mid-level Platform Engineers providing technical guidance code feedback and career development support.
• Model collaborative engineering practices: pairing documentation incremental delivery and open communication.
• Help onboard new team members and accelerate their ramp-up on platform tooling codebases and team norms.

You will have Agile Team Participation:

• Partner closely with the Platform Lead Engineer and Platform Agile Practitioner to shape backlog refinement define acceptance criteria for complex work and ensure technical clarity before work enters a sprint.
• Collaborate with the Platform Engineering Manager and Platform Product Owner to influence prioritization of technically complex or high-impact work.
• Drive architectural discussions and lightweight design reviews within the team sprint cycle keeping the team moving without creating heavyweight process.
• Break down ambiguous cross-team platform problems into well-scoped deliverables.

You will engage with Internal Customer Partnerships:

• Engage with senior engineers and technical leads across IDEXXs software and DevOps teams to understand complex cross-cutting platform requirements.
• Navigate competing customer needs and make principled trade-offs between developer experience security posture and platform complexity.
• Act as a trusted technical advisor to internal teams on platform capabilities patterns and best practices.

What You Need to Succeed

• 8 years of experience in platform engineering DevOps or infrastructure software engineering with demonstrated growth in scope and ownership over time.
• Subject matter expertise in CloudFormation and Terraform
• Fluency in Python you write it fluently review it critically and set the standard for quality and design on the team.
• Deep expertise with AWS Organizations: SCP strategy account governance landing zone design (Control Tower or equivalent) and multi-account security architecture.
• Advanced GitHub Enterprise administration experience: organization-wide policy design GitHub Actions at scale security configuration and API-driven automation.
• Strong Terraform Cloud expertise: workspace and state architecture Sentinel policy framework design module publishing and governance patterns.
• A track record of mentoring or growing other engineers technically and professionally.
• Proven ability to handle ambiguous cross-team problems independently and drive them to clear well-implemented solutions.
• Strong agile collaboration skills: you know how to work within a sprint team shape a backlog and deliver iteratively without losing sight of long-term platform health.
• Excellent communication skills you can engage confidently with engineers managers InfoSec and Compliance teams alike.
• A collaborative mindset by default you dont go it alone and you dont let others go it alone either.

Nice to Have

• Experience with native AWS management tools such as AWS Control Tower AWS Config or AWS Security Hub at an organizational scale.
• Experience using CloudFormation StackSets to distribute standardized resource configurations
• Experience designing policy-as-code frameworks using Sentinel or OPA/Rego.
• Experience with identity federation principals in enterprise environments to support single sign-on access including working knowledge of Entra ID (formerly Azure AD)
• Experience with developer portal or internal tooling frameworks (e.g. Backstage AWS Service Catalog).
• AWS professional or specialty certification.
• Background working in regulated industries (SOC 2 ISO 27001 HIPAA FedRAMP or similar).
• Experience contributing to or influencing engineering standards across a broader organization.

Technologies Youll Work With

Amazon Web Services and AWS Organizations (SCPs IAM Control Tower) GitHub Enterprise Terraform Cloud JFrog Artifactory Python CloudFormation Git

Location: We prefer you to be driving distance to our Westbrook Maine Headquarters where we require a flexible hybrid 8 days per month on-site. Alternatively we are also open to those in NH or MA who can visit the HQ less frequently.

What you can expect from us:
Base annual salary target: $120000 - $140000 (yes we do have flexibility if needed)
Opportunity for annual cash bonus
Health / Dental / Vision Benefits Day-One
5% matching 401k
Additional benefits including but not limited to financial support pet insurance mental health resources volunteer paid days off employee stock program foundation donation matching and much more!

Why IDEXX

Were proud of the work we do because our work matters. An innovation leader in every industry we serve we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy to ensure safe drinking water for billions and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10000 talented people.

So what does that mean for you We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX you will be supported by competitive compensation incentives and benefits while enjoying purposeful work that drives improvement.

Lets pursue what matters together.

IDEXX values a diverse workforce and workplace and strongly encourages women people of color LGBTQ individuals people with disabilities members of ethnic minorities foreign-born residents and veterans to apply.

IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race color creed sex sexual orientation gender identity or expression age religion national origin citizenship status disability ancestry marital status veteran status medical condition or any protected category prohibited by local state or federal laws.

#LI-EV1