Security Operations Engineer

Island•Coppell, TX

12h•Onsite

About The Position

Island is the ideal environment for enterprise work, where security is everywhere without ever getting in the way. The Island Enterprise Platform unifies AI enablement, network access, data protection, identity, and endpoint control into one coherent workspace—so organizations get universal visibility and control, and users get a fast, fluid, beautifully simple experience. It’s not just a better way to secure work. It’s a better way to work. Backed by investors like Coatue Management, Insight Partners, and Sequoia Capital, and trusted by some of the largest, most respected enterprises on the planet, Island is redefining what the modern workplace can be. Come join us in building something that’s already changing how the world works. We’re looking for a Security Operations Engineer who will own the day-to-day operation and continuous improvement of our vulnerability and compliance scanning program. This person will play a critical role in strengthening Island’s security posture across both commercial and FedRAMP environments, ensuring we meet the rigorous standards required by government and enterprise customers. You will drive scanning operations across the stack, partner closely with compliance and engineering teams, and help scale our security tooling and processes as we grow. This is a strong entry point into a fast-moving product security team, with clear opportunities for expanded ownership and impact over time. Note: This position is 100% in-office at our Coppell, TX headquarters near Dallas (Monday through Friday). We believe collaboration and culture thrive face-to-face, and we can’t wait to welcome you to the team.

Requirements

1–3 years of experience in security operations, IT security, or a related field (or equivalent hands-on experience through internships, labs, or personal projects)
Hands-on familiarity with vulnerability scanning tools such as Burp Suite, Nessus, Tenable, or similar (experience with at least one required)
Basic understanding of AWS cloud infrastructure and containerized environments (Kubernetes, Docker, Chainguard)
Exposure to structured compliance environments; familiarity with FedRAMP, NIST 800-53, or similar frameworks is a strong plus
Strong organizational skills with the ability to manage multiple open findings and parallel workstreams
A curious, self-driven mindset with a desire to expand beyond a defined lane over time
Scripting or automation skills (Python, Bash) are a plus
Clear and effective communication skills across Slack, Zoom, and email in a distributed team environment
US citizenship and ability to work within FedRAMP-regulated environments
Ability to work onsite in Dallas, TX

Nice To Haves

Experience with Wiz
Familiarity with FedRAMP, NIST 800-53, or similar frameworks
Scripting or automation skills (Python, Bash)

Responsibilities

Operate and maintain vulnerability scanning tools across web applications (Burp Suite), infrastructure/network (Nessus), and container/runtime environments (Sysdig), with exposure to Wiz as a plus
Run scans on a regular cadence and on-demand for releases, audits, and special initiatives
Support FedRAMP continuous monitoring (ConMon) activities across US GovCloud environments
Assist with evidence collection and compliance tracking, including familiarity with NIST 800-53 controls and tools like eMASS
Triage scan results, identify and filter false positives, prioritize findings by risk, and open/track remediation tickets in Jira
Partner with engineering teams to ensure SLA adherence and timely remediation
Produce reports and compliance artifacts for internal stakeholders and external auditors
Contribute to and maintain the compliance evidence repository
Improve scanning workflows through automation, scheduling, alerting, and result normalization
Collaborate closely with the SecOps Lead and broader product security team, contributing to sprint planning and cross-functional initiatives