At Lemonway, we're revolutionizing the way marketplaces handle complex and regulated payments. Our dedicated payment solution empowers investment platforms and B2C/B2B marketplaces across Europe, ensuring secure and compliant transactions through our SaaS API. With €35 million raised in Series B funding in 2019, we're not just profitable today with a +104% growth in 2023 — we're on a mission to shape the future of payments in the digital economy.
The company has more than 140 LemonHeroes from 21 different nationalities🌎
More than 400 platforms trust Lemonway every day to collect funds and payments in a secure way. We have clients such as Decathlon, Acer, SNCF, Eiffage, FFF (French Football Federation) and many others (feel free to check our website 😊).
We're at a thrilling juncture in our growth journey, where speed and quality go hand in hand. To maintain this balance, we're constantly innovating and improving our processes, methods, and tools.
Join a dynamic and growing Tech company !
Our Tech Culture: Collaborative Learning We foster a culture of continuous learning and knowledge sharing:
Our Squads and Tribes enable experts to refine and share best practices across teams
We encourage pair programming and collaborative problem-solving
Regular sharing sessions allow everyone to present and discuss technical topics
Certified Excellence
We are PCI-DSS certified, ensuring the highest standards of payment card industry data security.
As part of our Infra and Security Team, you'll work alongside 7 talented members, including Infra, SRE, and Security. Reporting directly to the Head of Infra & Security, you'll bring your expertise in services and product security, an interest in payments, and a desire to enhance your skills in managing the trust zone perimeter (signature engines, identity management services, PKI, HSM, time servers, etc.).
Maintain the trust zone perimeter and support development and infrastructure teams, ensuring compliance with main regulations (depending on the countries) and ETSI standards.
Integrate security into the product lifecycle by collaborating with product and development teams.
Support various teams (People, Data, SRE, BusinessOps, Compliance & Risk, Payments, etc.) in integrating security into their processes.
Manage external providers for internal, technical, and certification audits.
Security Management: Design, implement, and maintain security measures for our products and solutions, including network security, identity and access management, and data protection.
Risk Assessment: Conduct regular security assessments and vulnerability scans of the products and solutions to identify and mitigate potential risks.
Compliance: In collaboration with the Risk and Compliance team, ensure compliance with industry standards and regulatory requirements (e.g. PCI-DSS, GDPR) and support internal and external audits.
Access Control: Manage and enforce Identity and Access Management (IAM) policies, roles, and permissions to ensure least privilege access.
Security Best Practices: Develop and promote security best practices and guidelines among development and operations teams.
Incident Response: Develop and maintain incident response plans for security incidents, including root cause analysis and corrective actions.
Collaboration: Work closely with DevOps, IT, and other development teams to integrate security into the deployment pipeline.
Documentation: Maintain detailed documentation of security configurations, policies, and procedures for the various environment.
Innovation: Stay up-to-date with the latest security trends, threats, and technologies to continuously enhance our cloud security posture.
(This list is not exhaustive, the job holder may be required to carry out other duties as required to fulfill the role)