Security Enablement Lead – Information Security

Security Enablement Lead – Information Security

Requirements

• Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent work experience
• 3 to 5+ years of experience in information security, with specific focus on application security, secure development practices, or security program implementation
• Demonstrated experience developing and delivering security training or education programs
• Strong understanding of SDLC processes and secure coding principles
• Excellent communication, presentation, and interpersonal skills
• Ability to translate complex security concepts for technical and non-technical audiences
• Program management experience with demonstrated success in building and scaling initiatives
• Knowledge of security frameworks and standards (OWASP, NIST, CIS, etc.)

Responsibilities

• Lead the day-to-day operation and evolution of the Security Champions program
• Recruit, onboard, and support a growing network of security champions embedded within product and application delivery teams
• Coordinate specialized security training, certification opportunities, and regular briefings on security trends and threats
• Establish and maintain a community platform for knowledge sharing and collaboration
• Track and report on program success metrics including security defect identification rates, resolution times, and team awareness levels
• Act as the primary liaison between security champions and the security organization
• Drive the program to full operational status by Q4 2025 as outlined in our roadmap
• Facilitate recognition for champion contributions to security initiatives
• Support development of a comprehensive security engineering framework based on industry standards (OWASP SAMM, CIS Benchmarks, CMU SEF)
• Implement a role-based security training curriculum for technical personnel (developers, architects, testers)
• Communicate security controls across the development lifecycle
• Establish security assessment methods for application architectures
• Implement training needs assessment, curriculum development, and module launches
• Design and deliver education programs on secure development practices
• Build awareness campaigns to promote security best practices
• Measure and report on training effectiveness using established metrics
• Collaborate with InfoSec, IT Operations, and product delivery teams to align security objectives
• Provide guidance on security best practices to development teams
• Support security requirement implementation and vulnerability management initiatives
• Identify opportunities to enhance security processes and tools
• Contribute to the continued development of the security culture at IDEXX

Preferred Qualifications

• Security certification (CISSP, CSSLP, Security+, etc.)
• Experience implementing or managing a Security Champions program
• Background in training, education, or knowledge management
• Knowledge of cloud security concepts across major platforms (AWS, Azure, GCP)
• Knowledge of security tooling (SAST, DAST, SCA, etc.)
• Knowledge of vulnerability management processes
• Experience working in regulated industries