IDEXX is an innovation leader in the healthcare industry, seeking a Principal Platform Engineer (DevOps) to lead the design and architecture of AWS, GitHub Enterprise, and Terraform Cloud environments. The role involves mentoring engineers, driving technical decisions, and shaping platform standards within a collaborative, agile team.
Responsibilities:
- Own the design and architecture of platform capabilities across AWS Organizations, GitHub Enterprise, Terraform Cloud, and JFrog Artifactory — balancing developer experience with security and compliance requirements
- Architect and implement complex AWS Organizations structures: multi-account governance, secure account configuration, SCP strategy, permission boundaries, and account vending pipelines that scale with IDEXX’s growth
- Lead the design of GitHub Enterprise configurations, policies, and automation — ensuring the platform is both highly usable for developers and meets InfoSec and Compliance standards
- Define Terraform Cloud platform standards: workspace architecture, Sentinel policy frameworks, module registry strategy, and state management patterns
- Support engineering teams in adopting secure artifact and dependency hosting within JFrog Artifactory
- Write and review production-quality Python — setting the standard for code quality, testing practices, and maintainability on the team
- Lead and participate in pair programming and code review; your engagement elevates the quality and design thinking of the whole team
- Identify platform gaps and technical debt and drive initiatives to address them through the backlog and sprint process
- Mentor and coach Senior and mid-level Platform Engineers — providing technical guidance, code feedback, and career development support
- Model collaborative engineering practices: pairing, documentation, incremental delivery, and open communication
- Help onboard new team members and accelerate their ramp-up on platform tooling, codebases, and team norms
- Partner closely with the Platform Lead Engineer and Platform Agile Practitioner to shape backlog refinement, define acceptance criteria for complex work, and ensure technical clarity before work enters a sprint
- Collaborate with the Platform Engineering Manager and Platform Product Owner to influence prioritization of technically complex or high-impact work
- Drive architectural discussions and lightweight design reviews within the team sprint cycle — keeping the team moving without creating heavyweight process
- Break down ambiguous, cross-team platform problems into well-scoped deliverables
- Engage with senior engineers and technical leads across IDEXX’s software and DevOps teams to understand complex, cross-cutting platform requirements
- Navigate competing customer needs and make principled trade-offs between developer experience, security posture, and platform complexity
- Act as a trusted technical advisor to internal teams on platform capabilities, patterns, and best practices
Requirements:
- 8+ years of experience in platform engineering, DevOps, or infrastructure software engineering, with demonstrated growth in scope and ownership over time
- Subject matter expertise in CloudFormation and Terraform
- Fluency in Python — you write it fluently, review it critically, and set the standard for quality and design on the team
- Deep expertise with AWS Organizations: SCP strategy, account governance, landing zone design (Control Tower or equivalent), and multi-account security architecture
- Advanced GitHub Enterprise administration experience: organization-wide policy design, GitHub Actions at scale, security configuration, and API-driven automation
- Strong Terraform Cloud expertise: workspace and state architecture, Sentinel policy framework design, module publishing, and governance patterns
- A track record of mentoring or growing other engineers — technically and professionally
- Proven ability to handle ambiguous, cross-team problems independently and drive them to clear, well-implemented solutions
- Strong agile collaboration skills: you know how to work within a sprint team, shape a backlog, and deliver iteratively without losing sight of long-term platform health
- Excellent communication skills — you can engage confidently with engineers, managers, InfoSec, and Compliance teams alike
- A collaborative mindset by default — you don't go it alone, and you don't let others go it alone either
- Experience with native AWS management tools, such as AWS Control Tower, AWS Config, or AWS Security Hub at an organizational scale
- Experience using CloudFormation StackSets to distribute standardized resource configurations
- Experience designing policy-as-code frameworks using Sentinel or OPA/Rego
- Experience with identity federation principals in enterprise environments to support single sign-on access, including working knowledge of Entra ID (formerly Azure AD)
- Experience with developer portal or internal tooling frameworks (e.g., Backstage, AWS Service Catalog)
- AWS professional or specialty certification
- Background working in regulated industries (SOC 2, ISO 27001, HIPAA, FedRAMP, or similar)
- Experience contributing to or influencing engineering standards across a broader organization