Manager of Data Security, Cybersecurity InfoSec

Our cyber security and information security teams at IDEXX contribute to a more resilient, adaptable, and security‑aware enterprise prepared to navigate today’s evolving threat landscape. We have complex, multi‑dimensional programs across the organization that support all the technology needed to deliver products and solutions to customers – enabling them to focus on delivering high quality patient care.

Responsible for driving the execution of IDEXX’s enterprise Data Security program, translating strategy into measurable outcomes across data visibility, protection, and operationalization. Partners across Security, Data Engineering, Cloud, and the business to ensure that sensitive data is identified, governed, and protected consistently across platforms including Snowflake, M365, Box, and custom applications. This is a program leadership role—not a hands‑on engineering or SOC role—focused on delivery, coordination, and outcomes, not platform ownership or day‑to‑day operations.

• Own the end‑to‑end delivery of the Data Security roadmap, including data discovery & visibility (DSPM), DLP/CASB rollout (M365, Box, endpoint), data platform protections (Snowflake, Databricks), application data protection enablement (AWS‑first)
• Translate strategy into phased execution plans, milestones, and deliverables
• Manage cross‑functional dependencies and ensure program momentum and accountability

• Partner with Data Engineering (Snowflake, Databricks, Alation), Security Operations (SOC), Cloud & Application teams (AWS, Azure, GCP), IT and collaboration platforms (M365, Box)
• Coordinate delivery across teams to ensure controls are implemented consistently
• Serve as the primary point of accountability for program progress

• Drive rollout of a Data Management Policy (classification, handling, exceptions)
• Establish and operationalize data owner accountability
• Lead governance forums and ensure policy adoption across the enterprise
• Ensure alignment with privacy, legal, and regulatory expectations (HIPAA, GDPR, etc.)

• Ensure DLP controls are implemented effectively, tuned for usability, and integrated into SOC workflows
• Lead rollout of insider threat detection use cases: data exfiltration (M365, Box), high‑risk data exports (Snowflake), suspicious identity activity (Entra )

• Define and track program success metrics: data visibility coverage, risk reduction (exposure remediation), DLP effectiveness (signal quality), adoption of controls and policies
• Drive continuous improvement through feedback loops with SOC, engineering, and data teams

• 7–10 years experience in cybersecurity, data security, or cloud security programs
• Proven experience driving cross‑functional security or risk programs in complex environments
• Experience delivering initiatives involving data discovery/classification (DSPM or similar), data protection controls (DLP/CASB, platform controls)
• Experience in cloud data environments (AWS preferred; Snowflake or analytics platforms strongly preferred)
• Leadership experience: 3‑5 years building and managing a team
• Demonstrated ability to translate strategy into execution, coordinate across engineering, security, and business teams, and drive outcomes without direct authority over all stakeholders
• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or related technical field; or equivalent professional experience
• Location:
  
  Remote allowed, preference for EST and CST time zones, local/driving distance to Westbrook, Maine or willingness to relocate

• Familiarity with modern data platforms (Snowflake, Databricks), identity systems (Entra ), collaboration tools (M365, Box) and cloud environments (AWS, Azure, GCP)
• Understanding of data classification, governance, and protection concepts, DLP/CASB and insider risk patterns
• Working knowledge of regulatory frameworks (HIPAA, GDPR, etc.)

• Experience implementing DSPM or enterprise data security…