Director, Secure Architecture & Engineering

About The Position

Requirements

• Demonstrated leadership in enterprise security architecture and engineering, with proven ability to lead teams and deliver enterprise-scale outcomes in fast-paced environments.
• Deep expertise across multiple security domains, including cloud, application, identity, data, infrastructure, network, detection/platform engineering, and product/IoT security.
• Experience driving secure-by-design principles, SSDLC integration, and developing enterprise security standards, threat models, and architectural frameworks.
• Strong communication skills to translate complex engineering concepts into actionable business decisions and influence cross-functional leadership.
• Bachelor’s degree in a technical discipline or equivalent work experience

Nice To Haves

• CISSP, CCSP, GIAC (GDSA, GCSA, GWAPT, GCPN, etc.), and cloud certifications (AWS, Azure, GCP).

Responsibilities

• Lead the design and lifecycle management of IDEXX’s enterprise security architecture , including standards, reference architectures, design patterns, and engineering roadmaps across cloud, application, product, infrastructure, identity, and data domains.
• Direct full-stack security engineering functions , spanning cloud security, application security, infrastructure, identity and access management (IAM/PAM/Zero Trust), product security, data protection, and security platform technologies.
• Embed secure-by-design principles into engineering practices , governing SSDLC integration, security review boards, and enterprise threat modeling programs.
• Partner with executive leadership and global engineering teams to align security architecture and engineering strategies with business objectives, product innovation, and technology operations.
• Establish and implement secure multi-cloud architectures (AWS, Azure, GCP), containerized workloads, Kubernetes environments, and cloud-native security controls.
• Lead application security engineering , including SAST/DAST/IAST, dependency scanning, API security, and CI/CD pipeline security automation.
• Govern enterprise identity and access security , driving Zero Trust architecture, authentication and authorization strategies, and identity lifecycle automation.
• Develop and optimize enterprise security platforms , including SOAR, SIEM, detection engineering, telemetry pipelines, and EDR/XDR integrations for security observability.
• Advance product and IoT security engineering , ensuring embedded systems protection, firmware assurance, and automated product security testing.
• Provide technical leadership for infrastructure and network security , including segmentation, secure connectivity, endpoint protection, and hybrid-cloud security.
• Define and enforce data security standards , including encryption, tokenization, and sensitive-data risk mitigation.
• Lead threat modeling and adversary simulation activities , collaborating with red teams, architecture groups, and privacy/legal stakeholders.
• Foster a high-performing security engineering culture , emphasizing innovation, accountability, and secure-by-default decision-making.
• Ensure operational readiness and continuous improvement , using lifecycle assurance processes, metrics, and KPIs.
• Monitor emerging threats and technologies , delivering executive insights and actionable architectural guidance.
• Represent IDEXX in security forums and vendor partnerships , influencing technology evaluations and advancing IDEXX’s global defensive posture.

Benefits

• Health / Dental / Vision Benefits Day-One
• 5% matching 401k
• Opportunity for annual cash bonus as well as yearly equity award
• Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!