As a
Principal Platform Engineer (DevOps), you bring deep technical ownership to IDEXX's internal developer platforms - shaping the direction of our AWS, GitHub Enterprise, Terraform Cloud, and JFrog Artifactory environments alongside a close-knit agile team. You lead from within the team: writing production Python, mentoring engineers, driving technical decisions, and solving the most complex cross-team platform challenges. You are the go-to person for the hardest problems, the most ambiguous requirements, and the broadest platform questions - and you make the engineers around you better in the process.
In this role...You will be responsible for Platform Development & Technical Leadership:- Own the design and architecture of platform capabilities across AWS Organizations, GitHub Enterprise, Terraform Cloud, and JFrog Artifactory - balancing developer experience with security and compliance requirements.
- Architect and implement complex AWS Organizations structures: multi-account governance, secure account configuration, SCP strategy, permission boundaries, and account vending pipelines that scale with IDEXX's growth.
- Lead the design of GitHub Enterprise configurations, policies, and automation - ensuring the platform is both highly usable for developers and meets InfoSec and Compliance standards.
- Define Terraform Cloud platform standards: workspace architecture, Sentinel policy frameworks, module registry strategy, and state management patterns.
- Support engineering teams in adopting secure artifact and dependency hosting within JFrog Artifactory
- Write and review production-quality Python - setting the standard for code quality, testing practices, and maintainability on the team.
- Lead and participate in pair programming and code review; your engagement elevates the quality and design thinking of the whole team.
- Identify platform gaps and technical debt and drive initiatives to address them through the backlog and sprint process.
You will be a mentor, fostering Team Growth:- Mentor and coach Senior and mid-level Platform Engineers - providing technical guidance, code feedback, and career development support.
- Model collaborative engineering practices: pairing, documentation, incremental delivery, and open communication.
- Help onboard new team members and accelerate their ramp-up on platform tooling, codebases, and team norms.
You will have Agile Team Participation:- Partner closely with the Platform Lead Engineer and Platform Agile Practitioner to shape backlog refinement, define acceptance criteria for complex work, and ensure technical clarity before work enters a sprint.
- Collaborate with the Platform Engineering Manager and Platform Product Owner to influence prioritization of technically complex or high-impact work.
- Drive architectural discussions and lightweight design reviews within the team sprint cycle - keeping the team moving without creating heavyweight process.
- Break down ambiguous, cross-team platform problems into well-scoped deliverables.
You will engage with Internal Customer Partnerships:- Engage with senior engineers and technical leads across IDEXX's software and DevOps teams to understand complex, cross-cutting platform requirements.
- Navigate competing customer needs and make principled trade-offs between developer experience, security posture, and platform complexity.
- Act as a trusted technical advisor to internal teams on platform capabilities, patterns, and best practices.
What You Need to Succeed...- 8+ years of experience in platform engineering, DevOps, or infrastructure software engineering, with demonstrated growth in scope and ownership over time.
- Subject matter expertise in CloudFormation and Terraform
- Fluency in Python - you write it fluently, review it critically, and set the standard for quality and design on the team.
- Deep expertise with AWS Organizations: SCP strategy, account governance, landing zone design (Control Tower or equivalent), and multi-account security architecture.
- Advanced GitHub Enterprise administration experience: organization-wide policy design, GitHub Actions at scale, security configuration, and API-driven automation.
- Strong Terraform Cloud expertise: workspace and state architecture, Sentinel policy framework design, module publishing, and governance patterns.
- A track record of mentoring or growing other engineers - technically and professionally.
- Proven ability to handle ambiguous, cross-team problems independently and drive them to clear, well-implemented solutions.
- Strong agile collaboration skills: you know how to work within a sprint team, shape a backlog, and deliver iteratively without losing sight of long-term platform health.
- Excellent communication skills - you can engage confidently with engineers, managers, InfoSec, and Compliance teams alike.
- A collaborative mindset by default - you don't go it alone, and you don't let others go it alone either.
Nice to Have...- Experience with native AWS management tools, such as AWS Control Tower, AWS Config, or AWS Security Hub at an organizational scale.
- Experience using CloudFormation StackSets to distribute standardized resource configurations
- Experience designing policy-as-code frameworks using Sentinel or OPA/Rego.
- Experience with identity federation principals in enterprise environments to support single sign-on access, including working knowledge of Entra ID (formerly Azure AD)
- Experience with developer portal or internal tooling frameworks (e.g., Backstage, AWS Service Catalog).
- AWS professional or specialty certification.
- Background working in regulated industries (SOC 2, ISO 27001, HIPAA, FedRAMP, or similar).
- Experience contributing to or influencing engineering standards across a broader organization.
Technologies You'll Work With...Amazon Web Services and AWS Organizations (SCPs, IAM, Control Tower), GitHub Enterprise, Terraform Cloud, JFrog Artifactory, Python, CloudFormation, Git
Location: We prefer you to be driving distance to our Westbrook, Maine Headquarters where we require a flexible hybrid 8 days per month on-site. Alternatively, we are also open to those in NH or MA who can visit the HQ less frequently.
What you can expect from us:• Base annual salary target: $120000 - $140000 (yes, we do have flexibility if needed)
• Opportunity for annual cash bonus
• Health / Dental / Vision Benefits Day-One
• 5% matching 401k
• Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!
