CyberSecurity Engineer, DevSecOps

Mistral AI

Job Overview

Location

Paris

Job Type

Full-time

Full Job Description

📋 Description

• As a CyberSecurity Engineer specializing in DevSecOps at Mistral AI, you will play a critical role in safeguarding the company’s rapidly expanding AI infrastructure by embedding security into every layer of the development lifecycle, ensuring that innovation proceeds without compromising safety or compliance.
• You will act as a trusted security partner to research and engineering teams, enabling them to move fast while maintaining rigorous security standards across cloud-native environments, CI/CD pipelines, and containerized workloads.
• Your day-to-day responsibilities will include driving threat modeling and risk prioritization exercises for core infrastructure and new product features, serving as the security expert during system-design reviews to identify and mitigate risks early.
• You will own end-to-end vulnerability management across CI/CD pipelines and runtime environments, continuously scanning, assessing, and remediating vulnerabilities in both infrastructure and application layers using automated tooling and manual analysis.
• You will secure Kubernetes deployments and containerized workloads by implementing pod and node hardening techniques, network policies, runtime protection, and admission controls to prevent lateral movement and privilege escalation.
• You will define and enforce Infrastructure-as-Code security by creating Terraform guardrails, writing Sentinel or OPA policies, and integrating policy-as-code checks directly into GitHub Actions or similar CI/CD pipelines to block insecure configurations before deployment.
• You will design and execute a comprehensive security tooling strategy, managing and optimizing solutions for CNAPP, CSPM, SAST, SCA, secrets management (e.g., HashiCorp Vault), and SBOM-CVE tracking to ensure full visibility and control over the software supply chain.
• You will champion developer enablement by building secure defaults, creating self-service security workflows, automating remediation where possible, and drafting clear, actionable security guidelines that reduce friction and promote adoption.
• You will build foundational security automation to scale with hyper-growth, reducing manual toil through scripting and integration, while fostering a pragmatic, security-aware culture that empowers teams rather than hinders them.
• Mistral AI is a dynamic, international team passionate about democratizing AI through open-source, high-performance models and products like le Chat, with operations spanning France, the USA, UK, Germany, and Singapore, and a culture rooted in collaboration, low ego, and innovation.
• The company values creativity, technical excellence, and real-world impact, offering you the opportunity to shape the security foundation of a pioneering AI company at the forefront of technological advancement.
• In this role, you will gain deep expertise in securing cutting-edge AI infrastructure at scale, develop leadership in DevSecOps practices, and have the autonomy to build security programs from the ground up, positioning yourself as a key enabler of safe, responsible AI innovation.

🎯 Requirements

• 5+ years of experience in DevSecOps, Security Engineering, or Cloud Security, preferably as an early security hire in a fast-paced or hyper-scale environment.
• Deep expertise in Kubernetes and container security, including hands-on experience securing workloads, configuring network policies, and implementing runtime protection across major cloud providers (AWS, GCP, Azure).
• Strong proficiency in Infrastructure-as-Code, particularly Terraform, with proven ability to write secure modules, implement policy-as-code (OPA/Sentinel), and integrate security checks into CI/CD pipelines.
• Advanced programming and scripting skills in Python, Go, or similar languages to build custom security automation, tool integrations, and remediation workflows.
• Extensive experience deploying, configuring, and optimizing modern security tooling such as CNAPP, CSPM, SAST, SCA, secrets managers, and SBOM generators, with a pragmatic approach to vulnerability prioritization and threat modeling.
• Excellent communication and collaboration skills, with a demonstrated ability to partner effectively with software developers and researchers to embed security without creating bottlenecks or friction.

🏖️ Benefits

• Opportunity to work on cutting-edge AI infrastructure at a rapidly growing, innovative company shaping the future of artificial intelligence.
• Fully remote-friendly or hybrid work options with offices in Paris and global team distribution across the USA, UK, Germany, and Singapore.
• Access to advanced security tooling and cloud platforms, enabling hands-on experience with the latest DevSecOps technologies and practices.
• Collaborative, low-ego culture that values innovation, technical excellence, and work-life balance, with strong emphasis on learning and professional growth.
• Competitive compensation package including equity, comprehensive health benefits, and support for continuous learning and certifications.
• Chance to build and scale a security function from the ground up, making a lasting impact on the security posture of a pioneering AI organization.

Skills & Technologies

Python

Node.js

Kubernetes

Terraform

Onsite

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Mistral AI

Visit Website

About Mistral AI

Mistral AI is a Paris-based artificial intelligence company founded in 2023 that develops large language models and generative AI systems. The company creates open-source and commercial models optimized for performance, efficiency, and multilingual capabilities, serving enterprises and developers through APIs and cloud platforms. Its research focuses on advancing frontier AI while emphasizing safety, transparency, and European technological sovereignty.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.