IDEXX Livestock Diagnostics
Principal Application Security Engineer
IDEXX Livestock Diagnostics, Westbrook, Maine, US, 04098
Overview
IDEXX seeks a Principal Application Security Engineer to guide and influence secure design practices across the IDEXX product portfolio. This consultative role partners with development teams to establish security best practices, provide architectural guidance, and enable teams to build secure products from inception. You'll serve as a trusted advisor rather than a hands-on implementer. This role offers high visibility and the opportunity to shape security culture across IDEXX and influence product security strategy.
Responsibilities
Strategic Security Consulting: Advising product teams on security architecture decisions and risk trade-offs; facilitating threat modeling workshops and architecture review sessions; providing expert guidance on security patterns and anti-patterns; and influencing security strategy across multiple product lines and teams.
Security Standards & Governance: Working with the IDEXX GRC team to promote security policies, standards, and guidelines for development teams; creating reusable security blueprints and reference architectures; establishing security decision frameworks for common architectural patterns; and guiding teams in interpreting and applying compliance requirements.
Stakeholder Engagement & Influence: Consulting with product owners, architects, and engineering leads on security risks; presenting security recommendations to technical and business stakeholders; building consensus around security decisions across diverse teams; and acting as liaison between Information Security and product development.
Security Program Development: Influencing the Product & Application Security program strategy and initiatives; designing security awareness programs tailored to different roles; developing self-service security resources and playbooks; and establishing metrics to measure security program effectiveness.
Qualifications
7-10+ years in security consulting, architecture, or advisory roles with experience in application security and implementing SAST, DAST, SCA, etc.
In-depth experience performing application security initiatives, including security assessments, threat modeling, and secure code reviews; strong understanding of modern software development practices, cloud computing concepts, and delivery methodologies.
Proficiency in security testing tools such as Synopsys, CodeQL, CSPM, etc.
Experience with security of cloud workloads (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes).
Comfortable working with various methodologies & topologies, including DevOps, DevSecOps, SCRUM/Agile, Waterfall, etc.; expertise in threat modeling and risk assessment methodologies.
Deep knowledge of application security principles and patterns; understanding of enterprise security architecture frameworks; familiarity with regulatory compliance (SOX, GDPR, HIPAA).
Exceptional written and verbal communication abilities with the ability to translate technical risks into business impact; proven track record of influencing technical decisions without direct authority with a background in stakeholder management and consensus building.
Experience presenting to and advising Principal technical leadership; experience facilitating workshops and leading architectural discussions; skills in creating compelling security documentation and presentations.
Nice to have: security certifications (CISSP, SABSA, TOGAF); healthcare or regulated industries experience; track record of developing security programs or frameworks; public speaking or thought leadership in security.
Location
Must be driving distance from our corporate HQ in Westbrook, Maine with a hybrid requirement of 8 days per month on-site.
What You Can Expect From Us
Base annual salary target: $150000 to 170000 (flexible if needed)
Opportunity for annual cash bonus and yearly equity award
Health / Dental / Vision Benefits
Day-One 5% matching 401k
Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and more
Employment details
Employment type: Full-time
Seniority level: Mid-Senior level
Job function: Information Technology