Logo for Idexx

Cloud Security Architect

Role overview

Qualifications

  • 7-10+ years of experience in information security with at least 5 years focused on cloud security architecture
  • Hands-on experience implementing and operating CSPM solutions in multi-cloud environments
  • Bachelor's degree in Computer Science, Information Security, or equivalent practical experience
  • Proficiency with scripting and automation (Python, Bash, PowerShell)

Responsibilities

  • Architect, implement, and continuously improve cloud security posture management across AWS, Azure, and GCP environments
  • Lead the migration from AquaSec to CrowdStrike Falcon CSPM, ensuring continuity of visibility and compliance enforcement
  • Conduct cloud security assessments, threat modeling, and architecture reviews for critical workloads
  • Embed security controls directly into cloud deployment pipelines using native platform capabilities and third-party tooling

About the company

Idexx logo

Idexx

Biotech: Biology + Technology

9,000 people, one global focus - enhancing the health and well-being of pets, people, and livestock We are passionate about what we do at IDEXX – and why wouldn’t we be? When you’re working to raise the standard of care for pets, make drinking water safe for billions and keep our livestock population around the globe healthy and free of disease, it’s no wonder that what we do each day is more than just a job. There’s an energy across IDEXX that is contagious – where caring and committed people come together to make things better. IDEXX Laboratories, Inc. (NASDAQ: IDXX), a member of the S&P 500, is a leader in pet healthcare innovation, serving practicing veterinarians around the world with a broad range of diagnostic and information technology-based products and services. Headquartered in southern Maine, we conduct operations through more than 70 locations around the world and serve customers in over 175 countries. Our primary business focuses on pet health, a growing market around the world. Our products —in-clinic diagnostic tests and instrumentation, reference laboratory and telemedicine consultation services, and practice management software—enhance the ability of veterinarians to provide advanced medical care, improve staff efficiency and to build more economically successful practices. We also develop and manufacture diagnostic tests and information for the global production animal industry, including poultry and livestock, as well as tests for the quality and safety of water and milk. Please visit our website, IDEXX.com/careers, for further information and to view all of our job opportunities.

Company details

Company typeLarge
IndustryBiotech: Biology + Technology
Company size10001

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Our cybersecurity and information security teams at IDEXX contribute to a more resilient, adaptable, and security-aware enterprise prepared to navigate today’s evolving threat landscape. We have complex, multi-dimensional programs across the organization that support all the technology needed to deliver products and solutions to customers - enabling them to focus on delivering high quality patient care.

IDEXX is seeking a Cloud Security Architect to lead our multi-cloud security architecture across AWS, Azure, and GCP environments. This senior-level position will architect and implement cloud security posture management (CSPM) solutions, drive security standards enforcement, and partner with engineering teams to embed security controls directly into cloud deployment pipelines. You will play a critical role in protecting applications that serve our global veterinary diagnostics business while enabling development teams to move fast without compromising security.

This position reports to the Senior Manager of Product & Application Security and works closely with DevOps engineers and cloud platform owners across the organization.

In this role, you will be responsible for...

Cloud Security Architecture & CSPM

  • Architect, implement, and continuously improve cloud security posture management across AWS, Azure, and GCP environments supporting IDEXX products and applications
  • Lead the migration from AquaSec to CrowdStrike Falcon CSPM, ensuring continuity of visibility and compliance enforcement
  • Establish and maintain compliance with CIS Benchmarks Level 1 standards across all cloud platforms
  • Design monitoring and alerting strategies that surface actionable security gaps to both security and engineering teams

Infrastructure-as-Code Security

  • Implement automated security scanning and policy enforcement for Terraform, CloudFormation, and other IaC frameworks
  • Integrate tools like CrowdStrike Falcon, Checkov and Trivy into CI/CD pipelines to prevent misconfigurations before deployment
  • Develop policy-as-code frameworks that codify security requirements and enable self-service compliance

DevOps Partnership & Enablement

  • Embed security controls directly into cloud deployment pipelines using native platform capabilities and third-party tooling
  • Partner with DevOps teams to build secure-by-default infrastructure templates and golden paths
  • Conduct architecture reviews for new cloud services and deployment patterns
  • Translate complex security requirements into practical, actionable guidance for engineering teams

Security Assessments & Risk Management

  • Conduct cloud security assessments, threat modeling, and architecture reviews for critical workloads
  • Identify and prioritize security risks based on business impact, exploitability, and compensating controls
  • Work with product teams to implement mitigations that balance security effectiveness with operational feasibility

Tooling, Automation & Metrics

  • Manage and optimize cloud-native security tooling including CSPM, CNAPP, and secret scanning solutions
  • Build automation to reduce manual security work and improve consistency of controls
  • Establish metrics and reporting that demonstrate security posture improvement and compliance trends

What You Will Need to Succeed...

  • 7-10+ years of experience in information security with at least 5 years focused on cloud security architecture
  • Hands-on experience implementing and operating CSPM solutions in multi-cloud environments
  • Deep hands-on experience architecting security controls in AWS, Azure, and GCP production environments
  • Demonstrated proficiency with CSPM tools (CrowdStrike Falcon, Wiz, Prisma Cloud, or similar platforms)
  • Strong knowledge of CIS Benchmarks, cloud security frameworks (CSA CCM, NIST), and compliance standards (SOC 2, GDPR, HIPAA)
  • Expertise in Infrastructure-as-Code security scanning and policy enforcement (Checkov, Trivy, Terraform Sentinel, OPA)
  • Experience integrating security controls into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Azure DevOps)
  • Solid understanding of container security, Kubernetes security, and serverless security patterns
  • Proficiency with scripting and automation (Python, Bash, PowerShell)
  • Proven track record architecting security controls for large-scale cloud deployments
  • Experience with CIS Benchmarks implementation and compliance enforcement
  • Strong understanding of cloud-native architecture patterns and security implications
  • Bachelor's degree in Computer Science, Information Security, or equivalent practical experience
  • Proven ability to design security architectures that scale across large, complex cloud environments
  • Track record of successfully partnering with DevOps and engineering teams to implement security without blocking delivery
  • Experience driving security tool migrations and consolidations with minimal disruption
  • Strong analytical skills to assess risk, prioritize work, and make pragmatic security decisions
  • Ability to translate technical security concepts into language that resonates with both technical and business stakeholders
  • Excellent written and verbal communication skills; able to produce concise architecture documentation and executive summaries
  • Demonstrated ability to influence engineering teams through technical credibility rather than authority
  • Comfortable presenting security recommendations to senior technical leadership and defending design decisions
  • Self-directed and outcome-focused; able to identify problems, propose solutions, and drive them to completion with minimal supervision

Preferred

  • Relevant cloud security certifications (AWS Certified Security - Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, CCSP)
  • Experience with CrowdStrike Falcon CSPM or other leading CSPM/CNAPP platforms
  • Background in DevSecOps, SRE, or cloud platform engineering
  • Familiarity with OWASP SAMM or similar security maturity frameworks
  • Prior experience in regulated industries (healthcare, financial services) with SOC 2, HIPAA, or PCI-DSS compliance requirements
  • Contributions to open-source security tools or cloud security communities

What you can expect from us:
• Base annual salary target: $120000 - $150000 (yes, we do have flexibility if needed)
• Opportunity for annual cash bonus
• Health / Dental / Vision Benefits Day-One
• 5% matching 401k
• Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!

Why IDEXX?

We’re proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people.

So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery.   At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement. 

Let’s pursue what matters together. 

IDEXX values a diverse workforce and workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.

IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws.

#LI-EV1

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Cloud Security Architect Related jobs

Other jobs at Idexx

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.