CyberSecurity Engineer, DevSecOps

About Mistral    At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life.   We democratize AI through high-performance, optimized, open-source and cutting-edge models, products and solutions. Our comprehensive AI platform is designed to meet enterprise needs, whether on-premises or in cloud environments. Our offerings include le Chat, the AI assistant for life and work.   We are a dynamic, collaborative team passionate about AI and its potential to transform society. Our diverse workforce thrives in competitive environments and is committed to driving innovation. Our teams are distributed between France, USA, UK, Germany and Singapore. We are creative, low-ego and team-spirited.   Join us to be part of a pioneering company shaping the future of AI. Together, we can make a meaningful impact. See more about our culture on https://mistral.ai/careers.   Role summary   Mistral AI is looking for a DevSecOps Engineer to architect and maintain the security posture of our rapidly scaling AI infrastructure and application lifecycle. You will treat security as a seamless enabler for our research and engineering teams.   Your objective is to embed robust security controls into our CI/CD pipelines, infrastructure environments, and developer workflows, without compromising deployment velocity.       What you will do   • Drive threat modeling and risk prioritization exercises, serving as the security counterpart to system-design reviews for our core infrastructure and new products. • Own end-to-end vulnerability management across CI/CD pipelines and runtime environments, covering both underlying infrastructure and applications. • Secure our Kubernetes deployments and containerized workloads, implementing advanced pod and node hardening to prevent lateral movement across distributed systems. • Define and enforce Infrastructure-as-Code security by building robust Terraform guardrails and integrating policy-as-code directly into deployment pipelines. • Design and execute a comprehensive security tooling strategy, managing solutions for CNAPP, CSPM, SAST, SCA, secrets management, and SBOM-CVE tracking. • Champion developer enablement by building secure defaults, streamlining remediation workflows, and drafting actionable security guidelines. • Build foundational security automation to scale alongside hyper-growth, minimizing manual overhead while establishing a pragmatic security culture from the ground up.     About you   • 5+ years of experience in DevSecOps, Security Engineering, or Cloud Security, ideally acting as an early security hire in a fast-paced or hyper-scale environment.   • Deep understanding of Kubernetes and container security, alongside strong experience securing Infrastructure-as-Code (Terraform) across major cloud providers.   • Strong programming and scripting skills (Python, Go, or similar) to build security automation and seamlessly integrate diverse security tools into the developer workflow.   • Extensive experience deploying and tuning modern security tooling with a pragmatic approach to vulnerability management and threat modeling.    • Strong communication skills with a proven track record of partnering with developers and researchers to embed secure defaults without creating engineering friction.   Hiring Process   • Introduction call - 30 min • Hiring Manager interview - 30 min • Technical Rounds   - Scripting Interview - 45 min   - Dee-Dive interview - 55 min • Culture-fit discussion - 30 min • References   By applying, you agree to our Applicant Privacy Policy.