Security Engineer (Web Application Firewall), Group Security

Kaunas, Lithuania

Apply now Apply later

Brief info about Vinted 

Vinted Marketplace is the largest online international C2C marketplace in Europe dedicated to second-hand fashion, with millions of registered members spanning 20+ markets in Europe and North America. With a mission to make second-hand the first choice worldwide, Vinted enables people to sell and buy second-hand clothes and lifestyle items from each other, helping give those items a second or even third life.   

Vinted Go launched in 2022,  with a focus on developing products and solutions for more seamless shipping and delivery across Europe. Vinted Go has connected more than 40 carriers and more than 200,000 PUDO points across Europe to support the delivery of millions of parcels per year.  

The Vinted Group, composed of Vinted Marketplace and Vinted Go, is headquartered in Vilnius, with workplaces in Germany, Lithuania, France, the United Kingdom, the Netherlands and over 2,000 employees. It is backed by six leading venture capital firms: Accel, Burda Principal Investments, EQT Growth, Insight Partners, Lightspeed Venture Partners, and Sprints Capital. 

Information about the position 

As a Security Engineer focusing on Web Application Firewall, you will be part of the Group Security function, which supports the whole organisation. As a Cyber Defense team, we adopt or develop technological solutions to protect the security of Vinted members and employees and to secure the organisation against external and internal threats. To achieve this, we provide consultations, incident response, threat intelligence, security awareness and security-enhancing technologies and services to the whole organisation.

In this position, you’ll 

  • Contribute to the development and maintenance of tooling for WAF (Web Application Firewall)
  • Monitor, tune, and update WAF rules and configuration to ensure performance and security
  • Collaborate with engineering teams to identify vulnerabilities and proactively mitigate risks
  • Analyse web traffic patterns and investigate security incidents related to web applications
  • Stay current on the latest web application threats, attack vectors, and security trends to continuously improve defenses
  • Provide guidance and best practices on secure web architecture and WAF integration across the organisation

About you 

  • Hands-on experience managing and tuning Web Application Firewall rules and policies to protect against known and emerging threats
  • Have experience analysing HTTP traffic patterns, identifying anomalies, and fine-tuning protections without impacting legitimate users
  • Skilled at distinguishing between benign bots (like search engines) and malicious actors scraping data
  • Solid understanding of web application architectures and common vulnerabilities (OWASP Top 10, etc.)
  • You enjoy digging into security incidents, uncovering root causes, and implementing long-term mitigations
  • Can communicate clearly with technical and non-technical stakeholders and work well in cross-functional teams
  • Have experience with automation, infrastructure-as-code, observability and CI/CD tooling
  • Working knowledge of Kubernetes, Apache Flink, Scala (or Java) and Kafka is a plus
  • Excellent at communicating in spoken and written English

Work perks 

  • The opportunity to benefit from our share options programme
  • 25 working days of holiday
  • Newest MacBook models
  • Mental and emotional health support through the Mindletic app
  • Home office support: we provide IT workstation equipment and a personal budget of up to €540 for home workplace furniture
  • Never ending snacks and monthly lunch benefit
  • Private health insurance
  • Frequent team-building events
  • A personal monthly budget for shopping on Vinted
  • The opportunity to spend up to 90 days per year - 21 of which can be spent working outside of the EU - on workation
  • A dog-friendly office

Working at Vinted 

Individual Learning Budget

We invest in your professional growth! As part of our commitment to continuous learning, we offer an annual learning budget to support your personal and career development through courses, certifications, workshops and more.

Hybrid Work

We’ve adopted a hybrid workplace model where 2 days in office are recommended but not enforced. It’s up to you and your team to decide on the exact days you’ll spend working together in person.

Equal Opportunity

The Vinted Group is committed to building an inclusive workplace where people from all walks of life feel a sense of belonging. We welcome applications from people of all backgrounds, identities and life experiences. At Vinted, all applicants are treated fairly without regard to their race, age, religion or belief, sex, national origin, citizenship, gender identity, sexual orientation, disability, or any other protected characteristic.

The salary range for this position is 4,975 - € 6,725 gross per month.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0

Tags: Automation CI/CD Cyber defense Firewalls Incident response Java Kafka Kubernetes OWASP Scala Threat intelligence Vulnerabilities

Perks/benefits: Career development Equity / stock options Gear Health care Insurance Pet friendly Team events

Region: Europe
Country: Lithuania

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.