Security Engineer, Security and Privacy Engineering

Brief info about Vinted 

Vinted Marketplace is the largest online international C2C marketplace in Europe dedicated to second-hand fashion, with millions of registered members spanning 20+ markets in Europe and North America. With a mission to make second-hand the first choice worldwide, Vinted enables people to sell and buy second-hand clothes and lifestyle items from each other, helping give those items a second or even third life.   

Vinted Go launched in 2022,  with a focus on developing products and solutions for more seamless shipping and delivery across Europe. Vinted Go has connected more than 40 carriers and more than 200,000 PUDO points across Europe to support the delivery of millions of parcels per year.  

The Vinted Group, composed of Vinted Marketplace and Vinted Go, is headquartered in Vilnius, with workplaces in Germany, Lithuania, France, the United Kingdom, the Netherlands and over 2,000 employees. It is backed by six leading venture capital firms: Accel, Burda Principal Investments, EQT Growth, Insight Partners, Lightspeed Venture Partners, and Sprints Capital. 

Information about the position 

As a Security Engineer focusing on web application security, you will be part of the Group Security domain, which supports the whole organisation. As an Information Security Engineering team, we adopt or develop technological solutions to strengthen resilience against exploitation by adversaries, and to secure the organisation against external and internal threats. To achieve this, we provide consultations, incident response, pentesting and Application Security enhancing technologies to the whole organisation.

In this position, you’ll 

• Conduct white-box penetration testing on internal web applications and APIs
• Provide application security guidance and support to product and development teams, including threat modeling and security reviews
• Contribute to the development of automated security testing to scale vulnerability detection and foster secure coding practices
• Manage and coordinate penetration tests performed by external partners
• Maintain and enhance the vulnerability management process

About you 

• Passion for cyber security and dedication to continuous learning and development, both personally and professionally
• Thorough understanding of common web security vulnerabilities (e.g., OWASP Top 10) and their remediation strategies
• Experience identifying security issues through code review
• Familiarity with penetration testing tools and libraries, including static and dynamic code analysis
• Proficiency in at least one scripting or development language (preferably Go, Ruby on Rails, Python, JavaScript)
• Skilled at explaining technical concepts to a non-technical stakeholders
• Proactive in taking ownership and dedicated to achieving excellence
• Excellent written and verbal communication skills in English

Work perks 

• The opportunity to benefit from our share options programme
• 25 working days of holiday
• Newest MacBook models
• Free access to an office gym
• Mental and emotional health support through the Mindletic app
• Home office support: we provide IT workstation equipment and a personal budget of up to €540 for home workplace furniture
• Private health insurance
• On-site canteen serving delicious homemade food at friendly prices
• Frequent team-building events
• A personal monthly budget for shopping on Vinted
• The opportunity to spend up to 90 days per year - 21 of which can be spent working outside of the EU - on workation
• A dog-friendly office

Working at Vinted 

Individual Learning Budget

We invest in your professional growth! As part of our commitment to continuous learning, we offer an annual learning budget to support your personal and career development through courses, certifications, workshops and more.

Hybrid Work

We’ve adopted a hybrid workplace model where 2 days in the office are recommended but not enforced. It’s up to you and your team to decide on the exact days you’ll spend working together in person.

Equal Opportunity

The Vinted Group is committed to building an inclusive workplace where people from all walks of life feel a sense of belonging. We welcome applications from people of all backgrounds, identities and life experiences. At Vinted, all applicants are treated fairly without regard to their race, age, religion or belief, sex, national origin, citizenship, gender identity, sexual orientation, disability, or any other protected characteristic.

The salary range for this position is €4,683 to €7,317 gross per month.