IDEXX Laboratories, Inc
Associate Director, Global Vulnerability Management
IDEXX Laboratories, Inc, Westbrook, Maine, US, 04098
Our cybersecurity and information security teams at IDEXX contribute to a more resilient, adaptable, and security-aware enterprise prepared to navigate today's evolving threat landscape. We have complex, multi-dimensional programs across the organization that support all the technology needed to deliver products and solutions to customers - enabling them to focus on delivering high quality patient care.
The Associate Director of Global Vulnerability Management is a senior cybersecurity leader responsible for establishing, maturing, and overseeing IDEXX's global vulnerability management strategy, governance, operations, and supporting technologies. This role ensures the proactive identification, prioritization, and remediation of security vulnerabilities across enterprise infrastructure, cloud environments, product ecosystems, manufacturing operations, and laboratory environments.
This is a ground-floor leadership opportunity to build and scale a global vulnerability management program from the ground up.
You will lead a distributed team of vulnerability management professionals, security engineers, and analysts while partnering closely with IT Operations, Cloud Infrastructure, Engineering, DevSecOps, and business technology leaders to embed vulnerability management into how IDEXX operates, helping teams understand what to remediate, how to remediate, and how to execute consistently.
In this role, you will be responsible for...
Strategic Leadership & Program Ownership
Define and execute IDEXX's global vulnerability management strategy, roadmap, and operating model aligned with NIST CSF, ISO 27001, and CIS Controls
Advise the CISO on vulnerability posture, enterprise risk trends, and risk-reduction strategy
Establish vulnerability lifecycle workflows from discovery through remediation validation, including escalation paths, exceptions, and governance
Develop vulnerability management policies, standards, and remediation SLAs
Define and track KPIs, KRIs, and program success metrics to measure effectiveness, velocity, and maturity
People Leadership & Program Enablement
Lead, mentor, and grow a global team of vulnerability management professionals, security engineers, and analysts
Build sustainable organizational capabilities and a culture of continuous improvement and operational excellence
Manage staffing, performance, career development, and vendor/partner relationships to support program scale and effectiveness
Enterprise Vulnerability Management Operations
Lead enterprise-wide vulnerability identification, assessment, prioritization, and remediation across infrastructure, applications, cloud (AWS, Azure, GCP), endpoints, containers, OT/IoT, manufacturing, and laboratory environments
Establish risk-based prioritization models incorporating exploitability, threat intelligence, asset criticality, and environmental context
Define scanning strategies and integrate vulnerability data from multiple sources including scanners, CSPM, penetration testing, and threat intelligence
Integrate vulnerability management with patching, configuration management, and secure SDLC processes
Technology & Automation
Own and mature vulnerability management platforms (e.g., Tenable, Qualys, Rapid7, Wiz, Snyk) to ensure accuracy, coverage, and scalability
Drive automation, cloud-native capabilities, CI/CD integration, and shift-left practices to improve remediation efficiency and developer enablement
Integrate vulnerability data into orchestration platforms, ticketing systems, and security dashboards
Cross-Functional Partnership & Risk Reduction
Partner with IT Operations, Cloud Infrastructure, Engineering, DevSecOps, and business technology leaders to embed remediation into enterprise workflows
Assess and improve remediation capacity through training, tooling enhancements, and automation
Incorporate threat intelligence and ensure alignment with governance, regulatory, and compliance requirements
Develop remediation playbooks and technical documentation, and provide hands-on guidance for complex remediation efforts
Metrics, Reporting & Executive Communication
Develop and deliver operational, technical, and executive-level vulnerability reporting and dashboards
Communicate vulnerability posture, trends, and recommendations to the CISO, security leadership, and governance forums
Analyze vulnerability data to identify systemic issues, recurring patterns, and opportunities for proactive risk reduction
What Success Looks Like in the First 12-18 Months
Enterprise-wide vulnerability scanning in place with reliable coverage across all environments
Vulnerability management policies, SLAs, and workflows established and operating consistently
Risk-based prioritization and remediation cycles embedded, with critical vulnerabilities meeting defined SLAs
Strong cross‑functional engagement driving measurable improvements in remediation velocity
Executive reporting in place demonstrating risk reduction, trends, and capacity needs
What You Will Need To Succeed...
Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field, or equivalent professional experience
7+ years of cybersecurity experience, including 5+ years leading enterprise vulnerability management programs
Deep expertise deploying and operating vulnerability management platforms at scale (e.g., Tenable, Qualys, Rapid7, Wiz, Snyk)
Strong knowledge of cloud security and cloud-native vulnerability management across AWS, Azure, and GCP
Proven ability to build and mature vulnerability management programs, establishing processes, workflows, and operational cadence
Demonstrated success partnering with IT Operations, Infrastructure, and Engineering teams to drive remediation outcomes
Excellent communication skills with the ability to translate technical vulnerability data into business risk for executive and technical audiences
Key Competencies:
Strategic, Risk-Based Leadership: Ability to design and scale a vulnerability management program while balancing risk, business needs, and operational constraints
Executive Communication & Influence: Communicates clearly and credibly with audiences ranging from engineers to the CISO and board
Technical Security Depth: Strong understanding of vulnerabilities, remediation techniques, and security across infrastructure, cloud, applications, containers, and OT
Operational Excellence & People Leadership: Builds sustainable global operations through clear ownership, accountability, and continuous improvement
Collaboration & Service Mindset: Trusted partner who enables teams to succeed through pragmatic, service-oriented security practices
Location:
On-site presence required at IDEXX headquarters in Westbrook, Maine, at a minimum of 8 days per month, preferably more.
It would be considered a plus if you have any of this...
Security certifications (e.g., CISSP, CISM, GIAC, CEH)
Experience in regulated or operationally complex environments (e.g., healthcare, biotech, medical devices, manufacturing, laboratories)
Hands‑on experience with DevSecOps, container security, IaC scanning, and CI/CD automation
OT/IoT vulnerability management experience in manufacturing or laboratory environments
Background in patching, configuration management, or IT operations
Scripting or automation skills (e.g., Python, PowerShell, Bash)
Experience with vulnerability scoring, prioritization, and metrics (e.g., CVSS, EPSS, dashboards)
What you can expect from us:
Base annual salary target: $160,000 - $190,000 (yes, we do have flexibility if needed)
Opportunity for annual cash bonus as well as yearly equity award
Health / Dental / Vision Benefits Day-One
5% matching 401k
Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!
Why IDEXX? We're proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people.
So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement.
Let's pursue what matters together.
IDEXX values a diverse workforce and workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws.