Data Security Program Lead

Our cyber security and information security teams at IDEXX contribute to a more resilient, adaptable, and security-aware enterprise prepared to navigate today’s evolving threat landscape. We have complex, multi-dimensional programs across the organization that support all the technology needed to deliver products and solutions to customers - enabling them to focus on delivering high quality patient care.

The Data Security Program Lead is responsible for driving the execution of IDEXX’s enterprise Data Security program, translating strategy into measurable outcomes across data visibility, protection, and operationalization.

This role partners across Security, Data Engineering, Cloud, and the business to ensure that sensitive data is identified, governed, and protected consistently across platforms including Snowflake, M365, Box, and custom applications.

This is a program leadership role—not a hands-on engineering or SOC role—focused on delivery, coordination, and outcomes, not platform ownership or day-to-day operations.

In this role, you will be responsible for…

Data Security Program Execution where you will own the end-to-end delivery of the Data Security roadmap, including:

• Data discovery & visibility (DSPM)
• DLP/CASB rollout (M365, Box, endpoint)
• Data platform protections (Snowflake, Databricks)
• Application data protection enablement (AWS-first)
• Translate strategy into phased execution plans, milestones, and deliverables
• Manage cross-functional dependencies and ensure program momentum and accountability

Cross-Functional Coordination & Delivery where you will partner with:

• Data Engineering (Snowflake, Databricks, Alation)
• Security Operations (SOC) (DLP triage, insider threat response)
• Cloud & Application teams (AWS, Azure, GCP)
• IT and collaboration platforms (M365, Box)
• Coordinate delivery across teams to ensure controls are implemented consistently
• Serve as the primary point of accountability for program progress

Governance & Data Owner Engagement

• Drive rollout of a Data Management Policy (classification, handling, exceptions)
• Establish and operationalize data owner accountability
• Lead governance forums and ensure policy adoption across the enterprise
• Ensure alignment with privacy, legal, and regulatory expectations (HIPAA, GDPR, etc.)

DLP & Insider Risk Operationalization

• Ensure DLP controls are:  implemented effectively, tuned for usability (reduce false positives), and integrated into SOC workflows
• Lead rollout of insider threat detection use cases: Data exfiltration (M365, Box), High-risk data exports (Snowflake) and Suspicious identity activity (Entra ID)

Metrics, Reporting & Continuous Improvement

• Define and track program success metrics, including: Data visibility coverage, Risk reduction (exposure remediation), DLP effectiveness (signal quality) and adoption of controls and policies
• Drive continuous improvement through feedback loops with: SOC, Engineering and Data teams

What You Will Need to Succeed:

• 7–10 years experience in cybersecurity, data security, or cloud security programs
• Proven experience driving cross-functional security or risk programs in complex environments
• Experience delivering initiatives involving: Data discovery/classification (DSPM or similar), Data protection controls (DLP/CASB, platform controls)
• Experience in cloud data environments (AWS preferred; Snowflake or analytics platforms strongly preferred)
• Leadership: 3-5 years of experience in building and managing a team
• Demonstrated ability to translate strategy into execution, coordinate across engineering, security, and business teams and drive outcomes without direct authority over all stakeholders
• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related technical field; or equivalent professional experience
• Location: We are fine with 100% remote/virtual for this role, with a preference for EST and CST time zones. Preferred is local/driving distance to Westbrook, Maine or being open to relocation.

Technical and Domain Understanding

• Familiarity with: Modern data platforms (Snowflake, Databricks), Identity systems (Entra ID), Collaboration tools (M365, Box) and Cloud environments (AWS, Azure, GCP)
• Understanding of: Data classification, governance, and protection concepts, Data loss prevention (DLP/CASB) and insider risk patterns
• Working knowledge of regulatory frameworks (HIPAA, GDPR, etc.)

It would be a plus if you had any of these….

• Experience implementing DSPM or enterprise data security programs
• Background working with data engineering or analytics organizations
• Experience with Snowflake security controls or data catalog integration (e.g., Alation)
• Advanced certifications such as CISSP, CISSP-ISSAP, CISM, CCSP, or equivalent
• Experience working in life sciences, medical diagnostics, healthcare, or other regulated data environments
• Background in data governance, cataloging, classification programs, or enterprise data management
• Experience leveraging AI/ML in cybersecurity operations or anomaly detection

What you can expect from us:

• Base annual salary target: $160000 - $180000 (yes, we do have flexibility if needed)
• Opportunity for annual cash bonus and yearly equity award
• Health / Dental / Vision Benefits Day-One
• 5% matching 401k
• Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!

Why IDEXX?

We’re proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people.

So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery.   At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement.

Let’s pursue what matters together.

IDEXX values a diverse workforce and workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.

IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws.

#LI-REMOTE