Cloud Security Engineer

About the position

IDEXX Laboratories is seeking a talented Cloud Security Engineer to strengthen our multi-cloud security posture and lead our Cloud Security Posture Management (CSPM) initiatives. In this role, you will be responsible for developing and implementing security guidance, monitoring solutions, and providing remediation guidance across our AWS, Azure, and Google Cloud Platform environments. The ideal candidate will combine strong technical cloud security expertise with the ability to collaborate across teams to establish a secure cloud foundation. As a Cloud Security Engineer at IDEXX, you will play a critical role in securing our expanding multi-cloud footprint. You will lead the implementation and refinement of CSPM tools, develop cloud security standards, establish comprehensive compliance monitoring, and providing remediation guidance. This position requires expertise across major cloud platforms and the ability to establish security capabilities that enable business innovation while maintaining a strong security posture. If you love working in a highly collaborative environment at the forefront of cloud security technology to protect critical systems with the opportunity to shape our cloud security strategy and practices, then this could be the right fit for you!

Responsibilities

• Lead the implementation, refinement, and optimization of Cloud Security Posture Management (CSPM) solutions across our multi-cloud environment
• Define, implement, and maintain cloud security baseline configurations for AWS, Azure, and Google Cloud Platform
• Establish continuous monitoring of cloud security posture and detect potential drift from secure baselines
• Design and implement real-time alerting for cloud security issues and misconfigurations
• Evaluate, recommend, and implement remediation capabilities for common cloud security issues
• Develop comprehensive cloud security guidance and best practices tailored to each cloud platform
• Establish automated compliance monitoring against industry standards (CIS, NIST, etc.) and internal policies
• Create and maintain reporting dashboards and metrics
• Work with teams to ensure cloud environments meet regulatory requirements
• Identify security architecture patterns for cloud deployments that meet compliance requirements
• Collaborate with cloud engineering, DevOps, and application teams to implement security controls
• Implement cloud-native security services and third-party security solutions
• Review infrastructure-as-code templates and patterns for security concerns
• Provide cloud security expertise for new cloud initiatives and migrations
• Educate development and operations teams on cloud security best practices
• Collaborate with the Security Champions program to promote cloud security awareness
• Document cloud security architecture, configurations, and processes
• Stay current with emerging cloud security threats, tools, and techniques
• Contribute to the overall security program maturity

Requirements

• Bachelor's degree in Computer Science, Information Security, or related field, or equivalent work experience
• 5+ years of experience in information security, with at least 3 years focused on cloud security
• Hands-on experience securing environments in at least two major cloud platforms (AWS, Azure, GCP)
• Experience implementing and managing Cloud Security Posture Management (CSPM) solutions
• Strong understanding of cloud service provider security services and features
• Knowledge of compliance frameworks and security standards (CIS, NIST, ISO, etc.)
• Experience with infrastructure-as-code and security-as-code implementations
• Familiarity with containerization technologies and their security implications
• Strong scripting and automation skills (Python, PowerShell, Bash, etc.)

Nice-to-haves

• Security certifications (CCSP, AWS Security Specialty, Azure Security Engineer, GCP Professional Cloud Security Engineer, etc.)
• Experience with cloud-native security tools and services
• Knowledge of identity and access management across cloud platforms
• Experience with security monitoring, logging, and SIEM integration
• Background in DevSecOps practices and tooling
• Experience implementing Zero Trust architectures in cloud environments
• Knowledge of threat modeling and secure architecture design

Benefits

• Base annual salary target: $120000 - $140000 (yes, we do have flexibility if needed)
• Opportunity for annual cash bonus
• Health / Dental / Vision Benefits Day-One
• 5% matching 401k
• Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!