Mistral2mo ago

CyberSecurity Engineer, DevSecOps

France·ParisFull-timemid

EngineeringSecurityOtherSecurity Engineer

12 views0 saves0 applied

Apply Now

Quick Summary

Overview

About Mistral At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life.

Key Responsibilities

• Drive threat modeling and risk prioritization exercises, serving as the security counterpart to system-design reviews for our core infrastructure and new products.

Requirements Summary

• 5+ years of experience in DevSecOps, Security Engineering, or Cloud Security, ideally acting as an early security hire in a fast-paced or hyper-scale environment.

Technical Tools

gokubernetespythonterraformci-cdcybersecuritydistributed-systems

About Mistral

At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life.

We democratize AI through high-performance, optimized, open-source and cutting-edge models, products and solutions. Our comprehensive AI platform is designed to meet enterprise needs, whether on-premises or in cloud environments. Our offerings include le Chat, the AI assistant for life and work.

We are a dynamic, collaborative team passionate about AI and its potential to transform society.

Our diverse workforce thrives in competitive environments and is committed to driving innovation. Our teams are distributed between France, USA, UK, Germany and Singapore. We are creative, low-ego and team-spirited.

Join us to be part of a pioneering company shaping the future of AI. Together, we can make a meaningful impact. See more about our culture on https://mistral.ai/careers.

Role summary

Mistral AI is looking for a DevSecOps Engineer to architect and maintain the security posture of our rapidly scaling AI infrastructure and application lifecycle. You will treat security as a seamless enabler for our research and engineering teams.

Your objective is to embed robust security controls into our CI/CD pipelines, infrastructure environments, and developer workflows, without compromising deployment velocity.

What you will do

• Drive threat modeling and risk prioritization exercises, serving as the security counterpart to system-design reviews for our core infrastructure and new products.

• Own end-to-end vulnerability management across CI/CD pipelines and runtime environments, covering both underlying infrastructure and applications.

• Secure our Kubernetes deployments and containerized workloads, implementing advanced pod and node hardening to prevent lateral movement across distributed systems.

• Define and enforce Infrastructure-as-Code security by building robust Terraform guardrails and integrating policy-as-code directly into deployment pipelines.

• Design and execute a comprehensive security tooling strategy, managing solutions for CNAPP, CSPM, SAST, SCA, secrets management, and SBOM-CVE tracking.

• Champion developer enablement by building secure defaults, streamlining remediation workflows, and drafting actionable security guidelines.

• Build foundational security automation to scale alongside hyper-growth, minimizing manual overhead while establishing a pragmatic security culture from the ground up.

About you

• 5+ years of experience in DevSecOps, Security Engineering, or Cloud Security, ideally acting as an early security hire in a fast-paced or hyper-scale environment.

• Deep understanding of Kubernetes and container security, alongside strong experience securing Infrastructure-as-Code (Terraform) across major cloud providers.

• Strong programming and scripting skills (Python, Go, or similar) to build security automation and seamlessly integrate diverse security tools into the developer workflow.

• Extensive experience deploying and tuning modern security tooling with a pragmatic approach to vulnerability management and threat modeling.

• Strong communication skills with a proven track record of partnering with developers and researchers to embed secure defaults without creating engineering friction.

Hiring Process

• Introduction call - 30 min

• Hiring Manager interview - 30 min

• Technical Rounds

- Scripting Interview - 45 min

- Dee-Dive interview - 55 min

• Culture-fit discussion - 30 min

• References

By applying, you agree to our Applicant Privacy Policy.

Location & Remote

The position is based in our Paris HQ offices and we encourage going to the office as much as we can (at least 3 days per week) to create bonds and smooth communication. Our remote policy aims to provide flexibility, improve work-life balance and increase productivity. Each manager can decide the amount of days worked remotely based on autonomy and a specific context (e.g. more flexibility can occur during summer). In any case, employees are expected to maintain regular communication with their teams and be available during core working hours.

What we offer

💰 Competitive salary and equity package

🧑‍⚕️ Health insurance

🚴 Transportation allowance

🥎 Sport allowance

🥕 Meal vouchers

💰 Private pension plan

🍼 Generous parental leave policy

By applying, you agree to our Applicant Privacy Policy.