Our cybersecurity and information security teams at IDEXX contribute to a more resilient, adaptable, and security-aware enterprise prepared to navigate today’s evolving threat landscape. We have complex, multi-dimensional programs across the organization that support all the technology needed to deliver products and solutions to customers - enabling them to focus on delivering high quality patient care.
As the Director of Secure Architecture & Engineering at IDEXX, you will define and lead the enterprise-wide security architecture strategy and full-stack engineering programs that safeguard our global technology ecosystem. Reporting directly to the Chief Information Security Officer (CISO), this senior technical and strategic leadership role drives secure-by-design principles, multi-cloud security, application and product security, identity and access management, infrastructure protection, and security automation. You will ensure resilience and scalability through robust architectures, strong governance, and continuous integration of security across the technology lifecycle.
In this role, you will…
- Lead the design and lifecycle management of IDEXX’s enterprise security architecture, including standards, reference architectures, design patterns, and engineering roadmaps across cloud, application, product, infrastructure, identity, and data domains.
- Direct full-stack security engineering functions, spanning cloud security, application security, infrastructure, identity and access management (IAM/PAM/Zero Trust), product security, data protection, and security platform technologies.
- Embed secure-by-design principles into engineering practices, governing SSDLC integration, security review boards, and enterprise threat modeling programs.
- Partner with executive leadership and global engineering teams to align security architecture and engineering strategies with business objectives, product innovation, and technology operations.
- Establish and implement secure multi-cloud architectures (AWS, Azure, GCP), containerized workloads, Kubernetes environments, and cloud-native security controls.
- Lead application security engineering, including SAST/DAST/IAST, dependency scanning, API security, and CI/CD pipeline security automation.
- Govern enterprise identity and access security, driving Zero Trust architecture, authentication and authorization strategies, and identity lifecycle automation.
- Develop and optimize enterprise security platforms, including SOAR, SIEM, detection engineering, telemetry pipelines, and EDR/XDR integrations for security observability.
- Advance product and IoT security engineering, ensuring embedded systems protection, firmware assurance, and automated product security testing.
- Provide technical leadership for infrastructure and network security, including segmentation, secure connectivity, endpoint protection, and hybrid-cloud security.
- Define and enforce data security standards, including encryption, tokenization, and sensitive-data risk mitigation.
- Lead threat modeling and adversary simulation activities, collaborating with red teams, architecture groups, and privacy/legal stakeholders.
- Foster a high-performing security engineering culture, emphasizing innovation, accountability, and secure-by-default decision-making.
- Ensure operational readiness and continuous improvement, using lifecycle assurance processes, metrics, and KPIs.
- Monitor emerging threats and technologies, delivering executive insights and actionable architectural guidance.
- Represent IDEXX in security forums and vendor partnerships, influencing technology evaluations and advancing IDEXX’s global defensive posture.
What You Will Need to Succeed:
- Demonstrated leadership in enterprise security architecture and engineering, with proven ability to lead teams and deliver enterprise-scale outcomes in fast-paced environments.
- Deep expertise across multiple security domains, including cloud, application, identity, data, infrastructure, network, detection/platform engineering, and product/IoT security.
- Experience driving secure-by-design principles, SSDLC integration, and developing enterprise security standards, threat models, and architectural frameworks.
- Strong communication skills to translate complex engineering concepts into actionable business decisions and influence cross-functional leadership.
- Preferred Certifications: CISSP, CCSP, GIAC (GDSA, GCSA, GWAPT, GCPN, etc.), and cloud certifications (AWS, Azure, GCP).
- Bachelor’s degree in a technical discipline or equivalent work experience
Location: On-site presence required at IDEXX headquarters in Westbrook, Maine.
What you can expect from us:
- Base annual salary target: $180000 – 210000 (yes, we do have flexibility if needed)
- Opportunity for annual cash bonus as well as yearly equity award
- Health / Dental / Vision Benefits Day-One
- 5% matching 401k
- Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!
Why IDEXX?
We’re proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people.
So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement.
Let’s pursue what matters together.
IDEXX values a diverse workforce and workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws.