# CyberSecurity Team Lead, Infrastructure and Application

**Company**: Mistral AI
**Location**: Paris
**Work arrangement**: hybrid
**Experience**: senior
**Job type**: full-time
**Category**: Engineering
**Industry**: Technology
**Wikidata**: https://www.wikidata.org/wiki/Q119718658

**Apply**: https://jobs.lever.co/mistral/c9b75928-dd48-4432-b6f1-fc0b24e51657
**Canonical**: https://yubhub.co/jobs/job_08f992cf-0e9

## Description

About Mistral AI

Mistral AI is a technology company that develops and provides AI-powered solutions and platforms for enterprise use. Our technology is designed to integrate seamlessly into daily working life.

Role Summary

As a CyberSecurity Team Lead, you will be responsible for architecting and enforcing the security posture of our entire technical stack, from on-premise foundations to cloud-native deployments. You will oversee the identification, prioritization, and remediation of vulnerabilities across both On-Prem and Cloud infrastructures as well as internal applications.

Responsibilities

* Oversee the identification, prioritization, and remediation of vulnerabilities across both On-Prem and Cloud infrastructures as well as internal applications.
* Select, deploy, and maintain the tools needed for visibility and protection, including CNAPP, CSPM, SAST/DAST, secret scanning, and SBOM/CVE tracking.
* Integrate security controls and automated gates directly into CI/CD pipelines to catch vulnerabilities before deployment (Shift Left).
* Partner with engineering teams to interpret findings and 'ease the fix,' providing patches, code snippets, or architectural advice to resolve issues quickly.
* Define and maintain rigorous security guidelines and best practices for developers and system administrators.
* Design and lead security awareness programs and technical training tailored for developers and admins to reduce human risk.
* Track and define key security metrics (MTTR, coverage, vulnerability density) to visualize posture and progress to leadership.

Requirements

* 6+ years of experience in Information Security, with a specific focus on Application Security, Cloud Security, or DevSecOps.
* Strong scripting skills (Python, Go, or Bash) to automate security tasks and integrate tools.
* Deep understanding of CI/CD ecosystems and container orchestration (Kubernetes/Docker).
* Hands-on experience with modern security tooling (e.g., Wiz, Snyk, SonarQube, Prisma, or similar enterprise tools).
* Collaborative mindset: you view developers as partners, not adversaries, and focus on enabling them to code securely.
* Clear communication, autonomous, and capable of translating technical security risks into actionable engineering tasks.

Benefits

* Competitive salary
* Comprehensive health insurance
* Flexible working hours
* Professional development opportunities

Note: The company may offer additional benefits not listed here.

## Skills

### Required
- Application Security
- Cloud Security
- DevSecOps
- CI/CD ecosystems
- Container orchestration
- Modern security tooling
- Scripting skills
- Collaborative mindset
- Clear communication

### Nice to have
- Industry certifications
- Infrastructure as Code
- Offensive security
- Prior experience securing large-scale AI or Machine Learning infrastructure