Security Operations Engineer

Island Island · Enterprise · Dallas, TX · Engineering

Security Operations Engineer responsible for the operation and improvement of vulnerability and compliance scanning programs within commercial and FedRAMP environments. This role involves managing scanning tools, supporting compliance activities, triaging results, and automating workflows.

What you'd actually do

  1. Operate and maintain vulnerability scanning tools across web applications (Burp Suite), infrastructure/network (Nessus), and container/runtime environments (Sysdig), with exposure to Wiz as a plus
  2. Run scans on a regular cadence and on-demand for releases, audits, and special initiatives
  3. Support FedRAMP continuous monitoring (ConMon) activities across US GovCloud environments
  4. Assist with evidence collection and compliance tracking, including familiarity with NIST 800-53 controls and tools like eMASS
  5. Triage scan results, identify and filter false positives, prioritize findings by risk, and open/track remediation tickets in Jira

Skills

Required

  • 1–3 years of experience in security operations, IT security, or a related field
  • Hands-on familiarity with vulnerability scanning tools such as Burp Suite, Nessus, Tenable, or similar
  • Basic understanding of AWS cloud infrastructure and containerized environments (Kubernetes, Docker, Chainguard)
  • US citizenship
  • Ability to work onsite in Dallas, TX

Nice to have

  • exposure to Wiz
  • familiarity with FedRAMP, NIST 800-53, or similar frameworks
  • Scripting or automation skills (Python, Bash)
  • experience through internships, labs, or personal projects

What the JD emphasized

  • FedRAMP
  • NIST 800-53
  • US citizenship and ability to work within FedRAMP-regulated environments