security
Posted Mar 25CyberSecurity Engineer, DevSecOps
at Mistral AI
Paris, FranceOn-site
Responsibilities
- Drive threat modeling and risk prioritization exercises, serving as the security counterpart to system-design reviews for our core infrastructure and new products.
- Own end-to-end vulnerability management across CI/CD pipelines and runtime environments, covering both underlying infrastructure and applications.
- Define and enforce Infrastructure-as-Code security by building robust Terraform guardrails and integrating policy-as-code directly into deployment pipelines.
- Design and execute a comprehensive security tooling strategy, managing solutions for CNAPP, CSPM, SAST, SCA, secrets management, and SBOM-CVE tracking.
- Champion developer enablement by building secure defaults, streamlining remediation workflows, and drafting actionable security guidelines.
- Build foundational security automation to scale alongside hyper-growth, minimizing manual overhead while establishing a pragmatic security culture from the ground up. About you 5+ years of
Requirements
- About Mistral At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity.
- We democratize AI through high-performance, optimized, open-source and cutting-edge models, products and solutions.
- Our comprehensive AI platform is designed to meet enterprise needs, whether on-premises or in cloud environments.
- Our offerings include le Chat, the AI assistant for life and work.
- We are a dynamic, collaborative team passionate about AI and its potential to transform society.
- Join us to be part of a pioneering company shaping the future of AI.
- See more about our culture on https://mistral.ai/careers.
- Role summary Mistral AI is looking for a DevSecOps Engineer to architect and maintain the security posture of our rapidly scaling AI infrastructure and application lifecycle.
- Secure our Kubernetes deployments and containerized workloads, implementing advanced pod and node hardening to prevent lateral movement across distributed systems.
- experience in DevSecOps, Security Engineering, or Cloud Security, ideally acting as an early security hire in a fast-paced or hyper-scale environment.
- Deep understanding of Kubernetes and container security, alongside strong