DescriptionThe RoleWe're looking for a Security Operations Engineer who will own the day-to-day operation and continuous improvement of our vulnerability and compliance scanning program. This person will play a critical role in strengthening Island's security posture across both commercial and FedRAMP environments, ensuring we meet the rigorous standards required by government and enterprise customers.
You will drive scanning operations across the stack, partner closely with compliance and engineering teams, and help scale our security tooling and processes as we grow. This is a strong entry point into a fast-moving product security team, with clear opportunities for expanded ownership and impact over time.
Note: This position is 100% in-office at our Coppell, TX headquarters near Dallas (Monday through Friday). We believe collaboration and culture thrive face-to-face, and we can't wait to welcome you to the team.
What You'll Do- Operate and maintain vulnerability scanning tools across web applications (Burp Suite), infrastructure/network (Nessus), and container/runtime environments (Sysdig), with exposure to Wiz as a plus
- Run scans on a regular cadence and on-demand for releases, audits, and special initiatives
- Support FedRAMP continuous monitoring (ConMon) activities across US GovCloud environments
- Assist with evidence collection and compliance tracking, including familiarity with NIST 800-53 controls and tools like eMASS
- Triage scan results, identify and filter false positives, prioritize findings by risk, and open/track remediation tickets in Jira
- Partner with engineering teams to ensure SLA adherence and timely remediation
- Produce reports and compliance artifacts for internal stakeholders and external auditors
- Contribute to and maintain the compliance evidence repository
- Improve scanning workflows through automation, scheduling, alerting, and result normalization
- Collaborate closely with the SecOps Lead and broader product security team, contributing to sprint planning and cross-functional initiatives
What You Bring- 1-3 years of experience in security operations, IT security, or a related field (or equivalent hands-on experience through internships, labs, or personal projects)
- Hands-on familiarity with vulnerability scanning tools such as Burp Suite, Nessus, Tenable, or similar (experience with at least one required)
- Basic understanding of AWS cloud infrastructure and containerized environments (Kubernetes, Docker, Chainguard)
- Exposure to structured compliance environments; familiarity with FedRAMP, NIST 800-53, or similar frameworks is a strong plus
- Strong organizational skills with the ability to manage multiple open findings and parallel workstreams
- A curious, self-driven mindset with a desire to expand beyond a defined lane over time
- Scripting or automation skills (Python, Bash) are a plus
- Clear and effective communication skills across Slack, Zoom, and email in a distributed team environment
- US citizenship and ability to work within FedRAMP-regulated environments
- Ability to work onsite in Dallas, TX
Why Island?- Build in a category-defining company
- Work on problems at the intersection of AI, security, and enterprise productivity
- Backed by top-tier investors
- Trusted by leading global enterprises
- Competitive compensation and meaningful equity
- A fast-moving, high-impact environment
Benefits- Comprehensive health, dental, and vision coverage
- 401(k) with company match
- Generous paid time off and company holidays
- Professional development opportunities
- Collaborative, high-performance culture
- Modern office environment in Dallas, TX
