Security Specialist, Group Security

Brief info about Vinted 

Vinted Marketplace is the largest online international C2C marketplace in Europe dedicated to second-hand fashion, with millions of registered members spanning 20+ markets in Europe and North America. With a mission to make second-hand the first choice worldwide, Vinted enables people to sell and buy second-hand clothes and lifestyle items from each other, helping give those items a second or even third life.   

Vinted Go launched in 2022,  with a focus on developing products and solutions for more seamless shipping and delivery across Europe. Vinted Go has connected more than 40 carriers and more than 200,000 PUDO points across Europe to support the delivery of millions of parcels per year.  

The Vinted Group, composed of Vinted Marketplace and Vinted Go, is headquartered in Vilnius, with workplaces in Germany, Lithuania, France, the United Kingdom, the Netherlands and over 2,000 employees. It is backed by six leading venture capital firms: Accel, Burda Principal Investments, EQT Growth, Insight Partners, Lightspeed Venture Partners, and Sprints Capital. 

Information about the position 

We are looking for an information security enthusiast, someone highly motivated, with ambition, strong communication skills, and a firm commitment to finding tailored solutions to issues that Vinted may encounter when working with third parties.

As a member of Vinted’s Cyber Risk & Access Management team, part of the Group Security function, you’ll be focused on supporting Vinted’s information security Third Party Risk Management (TPRM) process. The role will mainly focus on identifying whether selected vendors and their products meet our (and our customers') high expectations when it comes to information security, and assisting in defining necessary technical and organisational security measures throughout all TPRM phases.

In this position, you’ll 

• Carry out information security assessments of Vinted’s third parties and review of their contracts for relevant controls, supporting business in their goals.
• Continuously improve the Security TPRM process to ensure relevant and appropriate information security requirements are mandated for vendors.
• Build up information security requirements for vendors based on the nature of the services provided and Vinted’s risk appetite.
• Participate in assessments of vendors’ security posture and propose actions to mitigate the identified risks.
• Work with potential and existing external partners in a respectful, fair, and transparent manner to build trust.
• Engage, collaborate, and align with internal stakeholders of the company’s TPRM process.

About you 

• Have experience in developing information security requirements, running IT auditing or compliance-related activities applicable to third parties.
• Have a strong understanding of information security principles, relevant organisational and technical controls, risk and compliance standards and frameworks (e.g. NIS2, ISO27001, NIST).
• Comfortable with trying out innovative methods to improve security across the organisation and its partners.
• Good at striking a balance between business needs and best practices in procurement.
• Good at communicating technical topics to a business audience.
• Care deeply about personal and professional growth.
• Care for collaboration with team members, knowledge sharing and fostering a positive, cooperative environment.
• Excellent written and spoken English.

Work perks 

• The opportunity to benefit from our share options programme
• 25 working days of holiday
• Newest MacBook models
• Free access to an office gym
• Mental and emotional health support through the Mindletic app
• Home office support: we provide IT workstation equipment and a personal budget of up to €540 for home workplace furniture
• Private health insurance
• On-site canteen serving delicious homemade food at friendly prices
• Frequent team-building events
• A personal monthly budget for shopping on Vinted
• The opportunity to spend up to 90 days per year - 21 of which can be spent working outside of the EU - on workation
• A dog-friendly office

Working at Vinted 

Individual Learning Budget

We invest in your professional growth! As part of our commitment to continuous learning, we offer an annual learning budget to support your personal and career development through courses, certifications, workshops and more.

Hybrid Work 

We’ve adopted a hybrid workplace model where 2 days in the office are recommended but not enforced. It’s up to you and your team to decide on the exact days you’ll spend working together in person.

Equal Opportunity

The Vinted Group is committed to building an inclusive workplace where people from all walks of life feel a sense of belonging. We welcome applications from people of all backgrounds, identities and life experiences. At Vinted, all applicants are treated fairly without regard to their race, age, religion or belief, sex, national origin, citizenship, gender identity, sexual orientation, disability, or any other protected characteristic.

The salary range for this position is € 2,950 - € 3,983 gross per month.