Jobs Companies 28Stone Information Systems Security Coordinator

About this Information Systems Security Coordinator role at 28Stone

28Stone · Onsite · Riga, Riga, Latvia

28Stone is one of just four capital markets companies in Latvia. But what really sets us apart is that all of our clients are in the US and UK. So we are operating on a truly global scale, building financial solutions for some of the most developed markets in the world.

We are an IT consulting company specializing in capital markets technology and financial infrastructure- basically, we help major financial institutions operate more efficiently by creating custom software solutions.

The capital markets space in Latvia is still pretty small, so working at 28Stone gives you a unique mix- you get to be part of a focused team, but also work on international projects that make a real impact.

We celebrate winning the Top 1% Workplace Awards 2024 in the "Best Workplace for Talent Investment" category and are always seeking to expand our team with positive, open-minded and motivated individuals who are eager learn as well as share what they know.

Your impact zones

  • Coordinate and oversee application vulnerability remediation efforts in partnership with engineering, DevOps, and product teams, ensuring alignment with enterprise security governance requirements.
  • Manage and track application onboarding into approved AppSec scanning tools (e.g., SAST, DAST, SCA), ensuring coverage, scan success, and adherence to secure coding and DevSecOps policy timelines.
  • Monitor security scan outputs, triage findings, and communicate risk-based remediation guidance to development teams, ensuring vulnerabilities are resolved within defined risk-based SLAs.
  • Support governance processes by coordinating policy exception, waiver, and risk acceptance submissions, ensuring appropriate justification, approvals, and documentation in line with GRC standards.
  • Plan, facilitate, and lead cross-functional remediation working sessions with engineering teams, platform owners, and third-party vendors to address remediation blockers and risk concerns.
  • Enforce secure coding and DevSecOps policy compliance by identifying gaps, monitoring adherence, and escalating non-compliance to engineering leadership, risk owners, and governance stakeholders as required.
  • Identify and manage orphaned or unowned applications within AppSec tooling, ensuring accountability, ownership assignment, and accurate system-of-record data.
  • Develop, maintain, and present security and compliance dashboards that provide visibility into application risk posture, vulnerability trends, remediation progress, and policy compliance metrics.
  • Document AppSec, DevSecOps, and GRC processes, controls, and operating procedures to ensure consistency, repeatability, and audit readiness.
  • Support internal audits, regulatory assessments, and external reviews by maintaining accurate compliance evidence, vulnerability remediation records, and risk management documentation.

Requirements

  • Bachelor’s degree in computer science, Information Security, or a related field.
  • At least 3 years of experience in vulnerability management, security coordination, or related IT security role.
  • Hands-on experience with vulnerability management and coordination using at least one of: Invicti, SonarQube, Sonatype, or Tenable.
  • Experience tracking remediation timelines and SLA compliance.
  • Experience coordinating across multiple teams.
  • Experience escalating and resolving issues with internal teams and external vendors.
  • Excellent written and verbal communication skills in English, with ability to provide clear context and actionable information to teams.
  • Strong coordination, follow-up abilities across multiple teams, and persistence until issues are resolved.

Considered as advantage:

  • Familiarity with data encryption concepts (data at rest and in transit).
  • Familiarity with CI/CD pipelines and DevOps workflows.
  • Experience with ServiceNow or similar ticketing systems.

Benefits

  • Flexible work schedule and the possibility of working from home in Latvia or one of our offices (Riga, Daugavpils).
  • Health insurance and mental wellness platform from Day 1: sport/dentist/vaccination/accident plans + massage chair in the office.
  • Annual training budget.
  • Technology communities: friendly and experienced team members who support your professional growth.
  • Sports community: Squad Hour gym membership deal, 28Stone volleyball team, various public sports events, and monthly challenges.
  • Social events: bi-weekly lunches, board game nights, team buildings, company-wide events.
  • Loyalty rewards program: referral bonuses, gifts, and merchandise on your work anniversary.
  • Paid mobile phone bills.
  • Additional one day of paid sick leave for emergency cases.
  • Modern & ergonomic office space: all the resources and tools to perform your tasks.
  • Additional perks in the office: free snacks, fruits, tea, coffee, board games, novuss table and Xbox.

Compensation

Gross: 2500- 3800 EUR

We are flexible and use an individual approach with each candidate we meet, so we invite you to apply even if you do not meet some of the listed requirements.

Only candidates who have the right to work in Latvia are considered for this position.

The mentioned remuneration may vary depending on the candidate’s skills, qualifications, and experience.

Ready to apply to 28Stone?
Apply to 28Stone

About 28Stone

28Stone was founded in 2011 to deliver software that brings out the best in every client we serve. For over a decade, we have been developing game-changing custom software for the world's leading sell-side, buy-side, market venues, brokers, and other financial markets participants.

We offer a premium service vs ‘big box’ pure off-shore plays due to our deep subject matter and industry-specific engineering expertise. At the same time, our globally distributed delivery model enables our teams to be more scalable and cost-efficient compared to pure on-shore plays. Enabling all of this is a process that seamlessly ties together subject matter expertise from our industry center locations with lower-cost, premium-quality, development, testing, and project management resources from our delivery centers in Europe. With an exclusive focus on financial services technology, 28Stone has been successfully delivering value to clients for more than a decade.

See all jobs at 28Stone →

Similar jobs

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get an edge on your job hunt.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free