Information Security Officer, Security & Privacy Governance

  • Vilnius, Lithuania
  • Engineering
  • Vinted Group

Brief info about Vinted 

Vinted Marketplace is the largest online international C2C marketplace in Europe dedicated to second-hand fashion, with millions of registered members spanning 22 markets in Europe and North America. With a mission to make second-hand the first choice worldwide, Vinted enables people to sell and buy second-hand clothes and lifestyle items from each other, helping give those items a second or even third life.   

Vinted Go launched in 2022,  with a focus on developing products and solutions for more seamless shipping and delivery across Europe. Vinted Go has connected more than 40 carriers and more than 200,000 PUDO points across Europe to support the delivery of millions of parcels per year.  

The Vinted Group, composed of Vinted Marketplace and Vinted Go, is headquartered in Vilnius, with workplaces in Germany, Lithuania, France, the United Kingdom, the Netherlands and over 2,000 employees. It is backed by six leading venture capital firms: Accel, Burda Principal Investments, EQT Growth, Insight Partners, Lightspeed Venture Partners, and Sprints Capital. 

Information about the position 

As an Information Security Officer in the Security and Privacy Governance Domain within the Security & Privacy Function supporting the Vinted Group, You will oversee the development, implementation, and management of comprehensive information security policies and procedures to ensure compliance with security frameworks and standards. You'll also contribute to incident response, risk mitigation, and continuous improvement initiatives, collaborating with stakeholders across the organisation to align security measures with business goals. Additionally, You'll work with the Awareness Team to foster a security-conscious culture through training programs and monitor ISMS performance to enhance the organisation's overall security posture.

In this position, you’ll 

  • Lead the design, development, and improvements of comprehensive information security policies and procedures throughout the organisation.
  • Collaborate with Risk Manager and relevant stakeholders to develop and implement risk mitigation plans.
  • Support the management of incidents by communicating with external authorities in collaboration with the DPO, and participating in post-mortem analyses to evaluate root causes and recommend security control enhancements.
  • Manage security audits and assessments to ensure compliance with industry standards, driving continuous improvement initiatives based on findings.
  • Oversee that policies and procedures related to Vinted’s Information Security Management System (ISMS) are regularly reviewed and updated to align with evolving threats and business requirements.
  • Collaborate with cross-functional teams to align security measures with business objectives, ensuring a balance between security and operational efficiency.
  • Oversee overall ISMS performance and analyse key performance indicators (KPIs) provided by relevant stakeholders to gain insights into the ISMS's effectiveness and identify trends and areas for improvement.
  • Stay abreast of emerging threats and industry best practices, continuously evaluating and enhancing the organisation’s security posture.
  • Ensure that the organisation’s systems and data security meet business needs through insightful reporting, transparency, and governance.
  • Contribute to training and awareness programs to foster a security-conscious culture within the organisation.

About you 

  • At least 4 years of work experience in information security, risk management, or a related field.
  • Strong understanding of security frameworks and standards, such as ISO 27001, PCI DSS, NIST, etc.
  • Strong understanding of security and privacy principles, regulations, and industry best practices.
  • Excellent communication and interpersonal skills, with the ability to collaborate across diverse teams.
  • Experience delivering cross-functional projects in highly complex environments.
  • Can find a sensible balance between governance requirements, best practices and business needs.
  • Inclined to take ownership and strive for excellence.
  • Commitment to continuous professional development and staying current with emerging security trends and technologies.

Work perks 

  • The opportunity to benefit from our share options programme
  • 25 working days of holiday
  • Newest MacBooks 
  • Free access to an office gym
  • Mental and emotional health support through the Mindletic app
  • Home office support: we provide IT workstation equipment and a personal budget of up to €540 for home workplace furniture
  • Private health insurance
  • On-site canteen serving delicious homemade food at discount prices
  • Monthly team-building events
  • A personal monthly budget for shopping on Vinted
  • The opportunity to spend up to 90 days per year - 21 of which can be spent working outside of the EU - on workation
  • A dog-friendly office

Working at Vinted 

Individual Learning Budget

Vinted will set aside a yearly sum equal to 10-13.2% of your annual salary to be invested in your continuous professional development. You’ll be able to take the initiative to use it for covering relevant learning activities that benefit your role.

Hybrid Work 

We’ve adopted a hybrid workplace model where 2 days in the office are recommended but not enforced. It’s up to you and your team to decide on the exact days you’ll spend working together in person.

Equal Opportunity

The Vinted Group is committed to building an inclusive workplace where people from all walks of life feel a sense of belonging. We welcome applications from people of all backgrounds, identities and life experiences. At Vinted, all applicants are treated fairly without regard to their race, age, religion or belief, sex, national origin, citizenship, gender identity, sexual orientation, disability, or any other protected characteristic.

The salary range for this position is €3,792 - 5,125 (gross) per month.

If this opening caught your attention – we’d be happy if you applied.