InfoSec Application Security Analyst

IDEXX is seeking a highly skilled and experienced Senior Application Security Analyst to join our dynamic product security team. This role will be instrumental in shaping and implementing our application security strategy, ensuring the integrity and safety of our software products throughout their lifecycle.

This role offers an exciting opportunity to make a significant impact on our product security posture while working with cutting-edge technologies in a dynamic environment.

In this role, you will…

• Perform application security initiatives, including security assessments, threat modeling, and secure code reviews.
•  Integrate security practices into the DevOps pipeline, focusing on automation and "security as code" principles.
• Implement and manage security testing tools, including SAST, DAST, and SCA.
• Collaborate with development teams, product owners, and other stakeholders to ensure security requirements are met throughout the SDLC.
• Provide expert guidance on secure development practices and conduct security training for development teams.
• Evaluate and recommend security tools and technologies to enhance our application security posture.
• Perform threat assessments and provide actionable recommendations to mitigate identified vulnerabilities.
• Stay current with emerging threats, industry trends, and regulatory requirements, incorporating this knowledge into our security strategy.
• Contribute to the development of security policies, standards, and best practices.
• Mentor junior team members and foster a culture of security awareness across the organization.

What you will need to succeed:

• 6+ years of experience in application security, with at least 2 years implementing SAST, DAST, SCA, etc.
• Bachelor's degree in Computer Science, Information Security, or related field; Master's degree preferred, or equivalent experience.
• Strong understanding of modern software development practices, cloud computing concepts, and delivery methodologies.
• Proficiency in security testing tools such as Synopsys, CodeQL, CSPM, etc.
• Experience with security of cloud workloads (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes).
• Comfortable working with various methodologies & topologies, including DevOps, DevSecOps, SCRUM/Agile, Waterfall, etc.
• In-depth knowledge of web application vulnerabilities and common attack vectors.
• Familiarity with industry standards and frameworks (OWASP, NIST, ISO 27001).
• Strong analytical and problem-solving skills with attention to detail.
• Excellent communication skills, both written and verbal, with the ability to articulate complex security concepts to technical and non-technical audiences.
• Strategic thinking and ability to align security initiatives with business objectives.
• Proactive approach to identifying and addressing security risks.
• Collaborative mindset with strong interpersonal skills.
• Adaptability to rapidly changing technology landscapes and security threats
• Passion for continuous learning and staying updated on the latest security trends.

Why IDEXX?

We’re proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people.

So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery.   At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement. 

Let’s pursue what matters together.

IDEXX values a diverse workforce and workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.

IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws.

#LI-REMOTE