About Mistral

We are a dynamic, collaborative team passionate about AI and its potential to transform society. Our diverse workforce thrives in competitive environments and is committed to driving innovation. Our teams are distributed between Europe, North America, Asia and the Middle East. We are creative, low-ego and team-spirited.

**About Mistral **

At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life.

We democratize AI through high-performance, optimized, open-source and cutting-edge models, products and solutions. Our comprehensive AI platform is designed to meet enterprise needs, whether on-premises or in cloud environments. Our offerings include le Chat, the AI assistant for life and work.

We are a dynamic, collaborative team passionate about AI and its potential to transform society.

Our diverse workforce thrives in competitive environments and is committed to driving innovation. Our teams are distributed between France, USA, UK, Germany and Singapore. We are creative, low-ego and team-spirited.

Join us to be part of a pioneering company shaping the future of AI. Together, we can make a meaningful impact. See more about our culture on https://mistral.ai/careers.

Role summary

Embedded directly within Mistral's Security Engineering ecosystem, you will architect and enforce the security posture of our entire technical stack, from on-premise foundations to cloud-native deployments.

You'll own the vulnerability management lifecycle end-to-end: define security standards, automate detection within the development lifecycle, and facilitate rapid remediation. Work closely with SRE and Engineering to deliver robust, secure applications and infrastructure without compromising on velocity or innovation.

Reporting line: Reports to the Chief Information Security Officer.

Location: Paris (on-site hybrid).

What you will do

• Oversee the identification, prioritization, and remediation of vulnerabilities across both On-Prem and Cloud infrastructures as well as internal applications.

• Select, deploy, and maintain the tools needed for visibility and protection, including CNAPP, CSPM, SAST/DAST, secret scanning, and SBOM/CVE tracking.

• Integrate security controls and automated gates directly into CI/CD pipelines to catch vulnerabilities before deployment (Shift Left).

• Partner with engineering teams to interpret findings and "ease the fix," providing patches, code snippets, or architectural advice to resolve issues quickly.

• Define and maintain rigorous security guidelines and best practices for developers and system administrators.

• Design and lead security awareness programs and technical training tailored for developers and admins to reduce human risk.

• Track and define key security metrics (MTTR, coverage, vulnerability density) to visualize posture and progress to leadership.

Who you are

• 6+ years of experience in Information Security, with a specific focus on Application Security, Cloud Security, or DevSecOps.

• Strong scripting skills (Python, Go, or Bash) to automate security tasks and integrate tools.

• Deep understanding of CI/CD ecosystems and container orchestration (Kubernetes/Docker).

• Hands-on experience with modern security tooling (e.g., Wiz, Snyk, SonarQube, Prisma, or similar enterprise tools).

• Collaborative mindset: you view developers as partners, not adversaries, and focus on enabling them to code securely.

• Clear communication, autonomous, and capable of translating technical security risks into actionable engineering tasks.

It would be ideal if you also have:

• Industry certifications such as CISSP, CCSP, OSCP, or cloud-specific security certifications.

• Strong Infrastructure as Code (IaC) experience with Terraform or Ansible.

• Experience in offensive security (Penetration Testing) to better understand attacker mindsets.

• Prior experience securing large-scale AI or Machine Learning infrastructure.

Recruitment process

• Introduction call (30 min)

• Hiring Manager (30 min)

• Technical Rounds:

Technical Round (75 min)

• Value talk / Culture fit (30 min)

• References

By applying, you agree to our Applicant Privacy Policy.

What do we offer?

We support our employees’ well-being, growth, and work-life balance, with a range of global benefits designed to meet the diverse needs of our team members worldwide.

Health & Family

Healthcare Coverage 100% employer-sponsored premium plans for medical, dental, and vision care for you and your dependents.
Parental Leave 20 weeks of paid leave for all primary parents.
Childcare Support Reserved daycare seats or financial assistance for working parents.

Financial & Career Planning

Retirement Plans Competitive employer-matched contributions in applicable markets (e.g., 6% 401k match in the US, 5% pension contribution in the UK) to secure your financial future.
Relocation Support Financial assistance for moving expenses, visa sponsorship, and settling-in services for you and your family.

Daily Life & Wellness

Meal Allowances Monthly stipends, vouchers, or catered in-office meals, depending on your office location.
Transportation Support Monthly allowances for public transport, parking, or sustainable mobility
Fitness & Wellness Subsidies or memberships for gyms, wellness programs, or fitness activities

Privacy Policy

Your privacy matters to us. You can learn more about how we handle your personal data in our Applicant Privacy Policy.

About Mistral

**About Mistral **

At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life.

We are a dynamic, collaborative team passionate about AI and its potential to transform society.

Join us to be part of a pioneering company shaping the future of AI. Together, we can make a meaningful impact. See more about our culture on https://mistral.ai/careers.

Role summary

Reporting line: Reports to the Chief Information Security Officer.

Location: Paris (on-site hybrid).

What you will do

• Oversee the identification, prioritization, and remediation of vulnerabilities across both On-Prem and Cloud infrastructures as well as internal applications.

• Select, deploy, and maintain the tools needed for visibility and protection, including CNAPP, CSPM, SAST/DAST, secret scanning, and SBOM/CVE tracking.

• Integrate security controls and automated gates directly into CI/CD pipelines to catch vulnerabilities before deployment (Shift Left).

• Partner with engineering teams to interpret findings and "ease the fix," providing patches, code snippets, or architectural advice to resolve issues quickly.

• Define and maintain rigorous security guidelines and best practices for developers and system administrators.

• Design and lead security awareness programs and technical training tailored for developers and admins to reduce human risk.

• Track and define key security metrics (MTTR, coverage, vulnerability density) to visualize posture and progress to leadership.

Who you are

• 6+ years of experience in Information Security, with a specific focus on Application Security, Cloud Security, or DevSecOps.

• Strong scripting skills (Python, Go, or Bash) to automate security tasks and integrate tools.

• Deep understanding of CI/CD ecosystems and container orchestration (Kubernetes/Docker).

• Hands-on experience with modern security tooling (e.g., Wiz, Snyk, SonarQube, Prisma, or similar enterprise tools).

• Collaborative mindset: you view developers as partners, not adversaries, and focus on enabling them to code securely.

• Clear communication, autonomous, and capable of translating technical security risks into actionable engineering tasks.

It would be ideal if you also have:

• Industry certifications such as CISSP, CCSP, OSCP, or cloud-specific security certifications.

• Strong Infrastructure as Code (IaC) experience with Terraform or Ansible.

• Experience in offensive security (Penetration Testing) to better understand attacker mindsets.

• Prior experience securing large-scale AI or Machine Learning infrastructure.

Recruitment process

• Introduction call (30 min)

• Hiring Manager (30 min)

• Technical Rounds:

Technical Round (75 min)

• Value talk / Culture fit (30 min)

• References

By applying, you agree to our Applicant Privacy Policy.

What do we offer?

We support our employees’ well-being, growth, and work-life balance, with a range of global benefits designed to meet the diverse needs of our team members worldwide.

Health & Family

Healthcare Coverage 100% employer-sponsored premium plans for medical, dental, and vision care for you and your dependents.
Parental Leave 20 weeks of paid leave for all primary parents.
Childcare Support Reserved daycare seats or financial assistance for working parents.

Financial & Career Planning

Retirement Plans Competitive employer-matched contributions in applicable markets (e.g., 6% 401k match in the US, 5% pension contribution in the UK) to secure your financial future.
Relocation Support Financial assistance for moving expenses, visa sponsorship, and settling-in services for you and your family.

Daily Life & Wellness

Meal Allowances Monthly stipends, vouchers, or catered in-office meals, depending on your office location.
Transportation Support Monthly allowances for public transport, parking, or sustainable mobility
Fitness & Wellness Subsidies or memberships for gyms, wellness programs, or fitness activities

Privacy Policy

Your privacy matters to us. You can learn more about how we handle your personal data in our Applicant Privacy Policy.

Cybersecurity Team Lead, Infrastructure and Application

What you'd actually do

Skills

Required

Nice to have

What the JD emphasized

About Mistral

What do we offer?

About Mistral

What do we offer?