Data Security Program Lead

Benefits

Additional Information

Our cyber security and information security teams at IDEXX contribute to a more resilient, adaptable, and security-aware enterprise prepared to navigate today's evolving threat landscape. We have complex, multi-dimensional programs across the organization that support all the technology needed to deliver products and solutions to customers - enabling them to focus on delivering high quality patient care. The Data Security Program Lead is responsible for driving the execution of IDEXX's enterprise Data Security program , translating strategy into measurable outcomes across data visibility, protection, and operationalization. This role partners across Security, Data Engineering, Cloud, and the business to ensure that sensitive data is identified, governed, and protected consistently across platforms including Snowflake, M365, Box, and custom applications. This is a program leadership role-not a hands-on engineering or SOC role -focused on delivery, coordination, and outcomes , not platform ownership or day-to-day operations. In this role, you will be responsible for... Data Security Program Execution where you will own the end-to-end delivery of the Data Security roadmap, including: Data discovery & visibility (DSPM) DLP/CASB rollout (M365, Box, endpoint) Data platform protections (Snowflake, Databricks) Application data protection enablement (AWS-first) Translate strategy into phased execution plans, milestones, and deliverables Manage cross-functional dependencies and ensure program momentum and accountability Cross-Functional Coordination & Delivery where you will partner with: Data Engineering (Snowflake, Databricks, Alation) Security Operations (SOC) (DLP triage, insider threat response) Cloud & Application teams (AWS, Azure, GCP) IT and collaboration platforms (M365, Box) Coordinate delivery across teams to ensure controls are implemented consistently Serve as the primary point of accountability for program progress Governance & Data Owner Engagement Drive rollout of a Data Management Policy (classification, handling, exceptions) Establish and operationalize data owner accountability Lead governance forums and ensure policy adoption across the enterprise Ensure alignment with privacy, legal, and regulatory expectations (HIPAA, GDPR, etc.) DLP & Insider Risk Operationalization Ensure DLP controls are: implemented effectively, tuned for usability (reduce false positives), and integrated into SOC workflows Lead rollout of insider threat detection use cases : Data exfiltration (M365, Box), High-risk data exports (Snowflake) and Suspicious identity activity (Entra ID) Metrics, Reporting & Continuous Improvement Define and track program success metrics, including: Data visibility coverage, Risk reduction (exposure remediation), DLP effectiveness (signal quality) and adoption of controls and policies Drive continuous improvement through feedback loops with: SOC, Engineering and Data teams What You Will Need to Succeed: 7-10 years experience in cybersecurity, data security, or cloud security programs Proven experience driving cross-functional security or risk programs in complex environments Experience delivering initiatives involving: Data discovery/classification (DSPM or similar), Data protection controls (DLP/CASB, platform controls) Experience in cloud data environments (AWS preferred; Snowflake or analytics platforms strongly preferred) Leadership : 3-5 years of experience in building and managing a team Demonstrated ability to translate strategy into execution , c oordinate across engineering, security, and business teams and drive outcomes without direct authority over all stakeholders Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related technical field; or equivalent professional experience Location: We are fine with 100% remote/virtual for this role , with a preference for EST and CST time zones. Preferred is local/driving distance to Westbrook, Maine or being open to relocation. Technical and Domain Understanding Familiarity with: Modern data platforms (Snowflake, Databricks), Identity systems (Entra ID), Collaboration tools (M365, Box) and Cloud environments (AWS, Azure, GCP) Understanding of: Data classification, governance, and protection concepts, Data loss prevention (DLP/CASB) and insider risk patterns Working knowledge of regulatory frameworks (HIPAA, GDPR, etc.) It would be a plus if you had any of these.... Experience implementing DSPM or enterprise data security programs Background working with data engineering or analytics organizations Experience with Snowflake security controls or data catalog integration (e.g., Alation) Advanced certifications such as CISSP, CISSP-ISSAP, CISM, CCSP, or equivalent Experience working in life sciences, medical diagnostics, healthcare, or other regulated data environments Background in data governance, cataloging, classification programs, or enterprise data management Experience leveraging AI/ML in cybersecurity operatio

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at idexx? Share your experience