Job Specifications
About Mistral
At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life.
We democratize AI through high-performance, optimized, open-source and cutting-edge models, products and solutions. Our comprehensive AI platform is designed to meet enterprise needs, whether on-premises or in cloud environments. Our offerings include le Chat, the AI assistant for life and work.
We are a dynamic, collaborative team passionate about AI and its potential to transform society.
Our diverse workforce thrives in competitive environments and is committed to driving innovation. Our teams are distributed between France, USA, UK, Germany and Singapore. We are creative, low-ego and team-spirited.
Join us to be part of a pioneering company shaping the future of AI. Together, we can make a meaningful impact. See more about our culture on https://mistral.ai/careers.
Role Summary
As an Information & Security Officer, you will be responsible for ensuring the security and compliance of our infrastructure, with a strong focus on ISO 27001 certification and Kubernetes security. You will take ownership of security policies, technical controls, and documentation, ensuring the company adheres to best practices while maintaining an efficient security posture. This is a highly operational role where autonomy, initiative, and technical expertise are key. The role reports to the VP of Engineering.
What you will do
Security Governance & Compliance
Lead and oversee the certification processes (ISO27001, ISO27701, SOC2, …)
Ensure security policies align with compliance requirements
Document security controls and maintain compliance records
Enable internal teams to fill security questionnaires and answer questions on our posture and practices
Cloud Security & Technical Oversight
Review cloud providers controls and security configurations
Ensure proper access management and security enforcement
Work with engineering teams to implement secure development practices
Security Policy & Documentation
Draft, maintain, and enforce security policies
Conduct security risk assessments and propose mitigation strategies
Create internal security guidelines and best practices
Security Operations & Incident Response
Monitor security incidents and ensure proper response procedures
Conduct regular security audits and penetration testing coordination
Recommend security tools, automation processes and frameworks to enhance security processes
Be very proactive in ensuring our security posture remains at the forefront of AI leaders
About You
You have 5+ years of experience in security roles (Security Officer, Security Engineer, Compliance & Security Manager)
You have a strong expertise in ISO 27001 certification and compliance frameworks
You have a solid understanding of cloud security and best practices in a scale-up environment
You are experienced with writing and implementing security policies
You take initiative and drive security improvements proactively
You don’t wait for instructions—you solve problems and take action
You ensure security policies are meticulously documented and enforced
You can explain security best practices clearly to both technical and non-technical teams
You collaborate effectively with engineers, compliance officers, and leadership
Now it would be ideal if you :
Have experience with AI security frameworks or upcoming AI-related security certifications
Have worked in fast-growing scale-ups where security was built from the ground up
Are familiar with security automation tools to streamline compliance processes
Have experience in incident response planning and crisis management
Speak French (nice to have, but not required)
Benefits
Competitive cash salary and equity
Food : Daily lunch vouchers
Sport : Monthly contribution to a Gympass subscription
Transportation : Monthly contribution to a mobility pass
Health : Full health insurance for you and your family
Parental : Generous parental leave policy
Visa sponsorship