Posted 2 weeks ago
CyberSecurity Engineer, Incident Response Lead
at Mistral AI
Paris, France (Hybrid)
Responsibilities
- Build, maintain, and test incident response runbooks covering Mistral’s most important risk scenarios.
- Develop and operate forensic capabilities across cloud, containerized, on-premises, and endpoint environments.
- Preserve, collect, and analyze digital evidence using rigorous and repeatable forensic methodologies.
- Design and facilitate tabletop exercises with engineering, legal, communications, and leadership stakeholders.
- Lead blameless post-mortems and ensure lessons learned translate into durable technical and organizational improvements.
- Define clear incident communication and escalation practices for both technical and non-technical stakeholders.
Requirements
- About Mistral: At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity.
- We democratize AI through high-performance, optimized, open-source and cutting-edge models, products and solutions.
- Our comprehensive AI platform is designed to meet enterprise needs, whether on-premises or in cloud environments.
- Our offerings include le Chat, the AI assistant for life and work.
- We are a dynamic, collaborative team passionate about AI and its potential to transform society.
- Join us to be part of a pioneering company shaping the future of AI.
- See more about our culture on https://mistral.ai/careers.
- Role Summary: Mistral AI is looking for a senior Incident Response and Digital Forensics specialist to lead our incident response capability across a complex, rapidly evolving AI ecosystem.
- Experience leading complex incident response and digital forensics investigations in cloud-native, technology, or similarly high-stakes environments.
- Demonstrated ability to take command during critical incidents and coordinate multidisciplinary teams under pressure.
- Strong knowledge of cloud and container forensics, including environments such as AWS, GCP, Kubernetes, and on-premises infrastructure.
- Hands-on experience with endpoint forensics, ideally including macOS environments.
- Strong understanding of attacker behaviors, investigation methodologies, evidence handling, and the MITRE ATT&CK framework.
- Experience building incident response runbooks, forensic workflows, tabletop exercises, and post-incident review practices.
- Ability to automate investigative or response workflows using Python, Go, or similar languages.
- Excellent written and verbal communication skills, with the ability to communicate clearly with engineers, legal teams, executives, and other stakeholders.
- A calm, methodical, and pragmatic approach, combined with a strong sense of ownership.
Additional details
- Our technology is designed to integrate seamlessly into daily working life.
- Our diverse workforce thrives in competitive environments and is committed to driving innovation.
- Our teams are distributed between France, USA, UK, Germany and Singapore.
- Reporting to the SOC Lead, you will take end-to-end ownership of major security incidents, from initial investigation and containment through remediation and post-incident improvement.
- During critical events, you will act as the incident commander, bringing structure, sound judgment, and calm leadership to high-pressure situations.
- This is a hands-on, player-coach position combining deep technical investigations with capability building.
- You will help define our incident response methodology, forensic tooling, runbooks, exercises, and post-mortem practices.
- As the organization grows, the role may also offer opportunities to build and lead a dedicated incident response team.
- What You Will Do: Own the incident response lifecycle for high-severity security events, including triage, investigation, containment, remediation, recovery, and post-incident review.
- Act as incident commander, coordinating technical teams and key stakeholders during complex security incidents.