CyberSecurity, Offensive Security Engineer

About Mistral

At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life. We democratize AI through high‑performance, optimized, open‑source and cutting‑edge models, products and solutions. Our comprehensive AI platform is designed to meet enterprise needs, whether on‑premises or in cloud environments. Our offerings include le Chat, the AI assistant for life and work. We are a dynamic, collaborative team passionate about AI and its potential to transform society. Our diverse workforce thrives in competitive environments and is committed to driving innovation. Our teams are distributed between France, USA, UK, Germany and Singapore. We are creative, low‑ego and team‑spirited. Join us to be part of a pioneering company shaping the future of AI. Together, we can make a meaningful impact.

Role summary

At Mistral AI, we’re pushing the boundaries of what’s possible with agentic systems—building products like Mistral Studio and Mistral Vibe that redefine how users interact with AI. As a Security Researcher, you’ll play a pivotal role in safeguarding these innovations by anticipating, identifying, and mitigating risks before they materialize. This isn’t just about finding vulnerabilities; it’s about shaping the future of secure AI by embedding an attacker’s mindset into everything we build. You’ll work at the intersection of offensive security, AI safety, and product development, collaborating with cross‑functional teams to harden our systems against evolving threats. Your expertise will directly influence how we design, deploy, and protect our most critical assets—ensuring our agents remain resilient, trustworthy, and ahead of adversaries. This role is ideal for those who thrive in dynamic environments, where creativity, technical depth, and a passion for security converge to solve unprecedented challenges.

What you will do

• Proactively hunt for vulnerabilities in the interactions between our agentic applications, cloud infrastructure, and foundational models, with a focus on realistic, high‑impact attack vectors.
• Design and execute red and purple team exercises, simulating sophisticated adversarial scenarios to stress‑test our defenses and refine our detection capabilities.
• Partner with defensive teams to translate offensive insights into actionable improvements, from detection engineering to incident response.
• Conduct in‑depth penetration testing across our product suite, including AI‑driven workflows, custom infrastructure, and user‑facing interfaces.
• Build and automate offensive tooling to scale your impact, leveraging cutting‑edge techniques to stay ahead of emerging threats.
• Communicate findings with clarity and conviction, ensuring technical and non‑technical stakeholders understand risks and prioritize mitigations effectively.
• Shape Mistral AI’s security strategy by contributing attacker‑informed perspectives to threat modeling, risk assessment, and architectural decisions.

About you

You’re likely a strong fit if you bring:

• 7+ years of offensive security experience, with a track record of identifying and exploiting subtle vulnerabilities in complex systems—or equivalent expertise demonstrated through exceptional achievements.
• Deep knowledge of AI/ML security risks, including prompt injection, data leakage, model manipulation, and abuses of dynamic UI components.
• Hands‑on experience assessing modern technology stacks, such as:
• Custom Kubernetes deployments and containerized environments
• Cloud‑native architectures (AWS, GCP, or Azure)
• CI/CD pipelines and GitHub security best practices
• macOS/Linux internals and Python/React‑based applications
• Data science toolchains and AI/ML infrastructure
• A builder’s mindset: The ability to write robust tools, automate offensive workflows, and contribute to defensive solutions in complex codebases.
• Strong intuition for trust boundaries and risk assessment in fast‑moving, high‑stakes environments.
• Outstanding communication skills, with the ability to distill technical nuances into compelling narratives that drive change.
• A collaborative spirit, eager to work alongside engineers, researchers, and product teams to embed security into every phase of development.

Now, it would be ideal if you had experience with:

• Background in AI, data science, or related fields, with an understanding of how security intersects with model behavior and system design.
• Experience in high‑growth startups or research‑driven organizations, where agility and innovation are paramount.
• Expertise in adjacent disciplines, such as software engineering, detection engineering, SRE, or security architecture.

Location & Remote

This role is based in one of our European offices (Paris, France and London, UK). We will only consider candidates who either reside or are open to relocating there. We strongly believe in the value of in‑person collaboration and we encourage going to the office as much as we can (at least 3 days per week) to create bonds and smooth communication. Our remote policy aims to provide flexibility, improve work‑life balance and increase productivity.

What we offer

• Competitive salary and equity (stock‑options)
• Health insurance
• Transportation allowance
• Sport allowance
• Meal vouchers
• Private pension plan
• Generous parental leave policy
• Visa sponsorship

By applying, you agree to our Applicant Privacy Policy.