The Role
The SOC Analyst will monitor and respond to security threats across Mistral's environments, ensuring robust detection and rapid incident resolution. Responsibilities include partnering with teams for log centralization, designing high-fidelity alerts, conducting investigations, and managing security incidents.
Summary Generated by Built In
About Mistral
At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life.
We democratize AI through high-performance, optimized, open-source and cutting-edge models, products and solutions. Our comprehensive AI platform is designed to meet enterprise needs, whether on-premises or in cloud environments. Our offerings include le Chat, the AI assistant for life and work.
We are a dynamic, collaborative team passionate about AI and its potential to transform society.
Our diverse workforce thrives in competitive environments and is committed to driving innovation. Our teams are distributed between France, USA, UK, Germany and Singapore. We are creative, low-ego and team-spirited.
Join us to be part of a pioneering company shaping the future of AI. Together, we can make a meaningful impact. See more about our culture on https://mistral.ai/careers.
Role summary
Mistral AI is looking for a Security Operations Center (SOC) Analyst to monitor, defend and respond to threats accros our rapidly evolving AI ecosystem
You will treat security telemetry as the core of our active defense. Your objective is to ensure the continuous security of our diverses environment, spanning IT, Engineering, Science, Compute and Infrastructure by building robust detection mechanisms and moving swiftly from alert to automated response.
What you will do
•Partner with engineering and platform teams to ensure the comprehensive centralization of security logs across all Mistral environments.
• Design, test, and continuously tune high-fidelity alert scenarios and correlation rules to detect anomalous behavior while minimizing alert fatigue.
• Operationalize Cyber Threat Intelligence (CTI), monitoring the landscape for threats specific to AI and cloud infrastructure, and integrating actionable intel directly into our detection pipelines.
• Conduct rigorous, deep-dive investigations into security alerts, tracking root causes, identifying potential lateral movement, and determining impact.
• Drive the lifecycle of security incidents from containment to remediation, and coordinate cross-functional crisis management during high-severity events.
About you
• 3+ years of experience in a Security Operations Center (SOC), Incident Response, or Threat Hunting role, ideally within a cloud-native or fast-paced tech environment.
• Deep understanding of the threat landscape, the MITRE ATT&CK framework, and the methodologies required to protect high-value infrastructure and intellectual property.
• Strong experience writing complex queries (e.g., KQL, Splunk SPL, or similar) and leveraging SIEM platforms to build out correlation rules and detection logic.
• Ability to write practical automation scripts in Python or Go to interact with security APIs, enrich alert context, and streamline response workflows.
• Proven experience participating in or leading incident response efforts, demonstrating a calm, methodical approach to high-pressure crisis management..
Hiring Process
• Introduction call - 30 min
• Hiring Manager interview - 30 min
• Technical Rounds
- Deep-Dive interview - 55 min
- Panel interview - 1h15
• Culture-fit discussion - 30 min
• References
By applying, you agree to our Applicant Privacy Policy.
Location & Remote
The position is based in our Paris HQ offices and we encourage going to the office as much as we can (at least 3 days per week) to create bonds and smooth communication. Our remote policy aims to provide flexibility, improve work-life balance and increase productivity. Each manager can decide the amount of days worked remotely based on autonomy and a specific context (e.g. more flexibility can occur during summer). In any case, employees are expected to maintain regular communication with their teams and be available during core working hours.
What we offer
💰 Competitive salary and equity package
🧑⚕️ Health insurance
🚴 Transportation allowance
🥎 Sport allowance
🥕 Meal vouchers
💰 Private pension plan
🍼 Generous parental leave policy
By applying, you agree to our Applicant Privacy Policy.
Skills Required
- 3+ years of experience in SOC, Incident Response, or Threat Hunting
- Deep understanding of threat landscape and MITRE ATT&CK framework
- Strong experience writing complex queries (KQL, SPL, etc.)
- Ability to write automation scripts in Python or Go
- Proven experience in incident response and crisis management
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Fast, open-source and secure language models. Facilitated specialisation of models on business use-cases, leveraging private data and usage feedback. Built from a world-class team in Europe, targeting global market. Join the team ! https://jobs.lever.co/mistral/
.png)
