security
Posted Feb 12CyberSecurity Team Lead, Infrastructure and Application
at Mistral AI
Paris, FranceOn-site
You are nearing today's limit. Upgrade for unlimited access.
Responsibilities
- Oversee the identification, prioritization, and remediation of vulnerabilities across both On-Prem and Cloud infrastructures as well as internal applications.
- Select, deploy, and maintain the tools needed for visibility and protection, including CNAPP, CSPM, SAST/DAST, secret scanning, and SBOM/CVE tracking.
- Integrate security controls and automated gates directly into CI/CD pipelines to catch vulnerabilities before deployment (Shift Left).
- Define and maintain rigorous security guidelines and best practices for developers and system administrators.
- Design and lead security awareness programs and technical training tailored for developers and admins to reduce human risk.
- Track and define key security metrics (MTTR, coverage, vulnerability density) to visualize posture and progress to leadership. Who you are 6+ years of
Requirements
- About Mistral At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity.
- We democratize AI through high-performance, optimized, open-source and cutting-edge models, products and solutions.
- Our comprehensive AI platform is designed to meet enterprise needs, whether on-premises or in cloud environments.
- Our offerings include le Chat, the AI assistant for life and work.
- We are a dynamic, collaborative team passionate about AI and its potential to transform society.
- Join us to be part of a pioneering company shaping the future of AI.
- See more about our culture on https://mistral.ai/careers.
- experience in Information Security, with a specific focus on Application Security, Cloud Security, or DevSecOps.
- Strong scripting skills (Python, Go, or Bash) to automate security tasks and integrate tools.
- Deep understanding of CI/CD ecosystems and container orchestration (Kubernetes/Docker). Hands-on
- experience with modern security tooling (e.g., Wiz, Snyk, SonarQube, Prisma, or similar enterprise tools).
- Industry certifications such as CISSP, CCSP, OSCP, or cloud-specific security certifications.
- experience with Terraform or Ansible.
- Experience in offensive security (Penetration Testing) to better understand attacker mindsets. Prior