5 jobs found

About Mistral At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life. We democratize AI through high performance, optimized, open source and cutting edge models, products and solutions. Our comprehensive AI platform is designed to meet enterprise needs, whether on premises or in cloud environments. Our offerings include le Chat, the AI assistant for life and work. We are a dynamic, collaborative team passionate about AI and its potential to transform society. Our diverse workforce thrives in competitive environments and is committed to driving innovation. Our teams are distributed between France, USA, UK, Germany and Singapore. We are creative, low ego and team spirited. Join us to be part of a pioneering company shaping the future of AI. Together, we can make a meaningful impact. See more about our culture on Role summary At Mistral AI, we're pushing the boundaries of what's possible with agentic systems-building products like Mistral Studio and Mistral Vibe that redefine how users interact with AI. As a Security Researcher, you'll play a pivotal role in safeguarding these innovations by anticipating, identifying, and mitigating risks before they materialize. This isn't just about finding vulnerabilities; it's about shaping the future of secure AI by embedding an attacker's mindset into everything we build. You'll work at the intersection of offensive security, AI safety, and product development, collaborating with cross functional teams to harden our systems against evolving threats. Your expertise will directly influence how we design, deploy, and protect our most critical assets-ensuring our agents remain resilient, trustworthy, and ahead of adversaries. This role is ideal for those who thrive in dynamic environments, where creativity, technical depth, and a passion for security converge to solve unprecedented challenges. What you will do Proactively hunt for vulnerabilities in the interactions between our agentic applications, cloud infrastructure, and foundational models, with a focus on realistic, high impact attack vectors. Design and execute red and purple team exercises, simulating sophisticated adversarial scenarios to stress test our defenses and refine our detection capabilities. Partner with defensive teams to translate offensive insights into actionable improvements, from detection engineering to incident response. Conduct in depth penetration testing across our product suite, including AI driven workflows, custom infrastructure, and user facing interfaces. Build and automate offensive tooling to scale your impact, leveraging cutting edge techniques to stay ahead of emerging threats. Communicate findings with clarity and conviction, ensuring technical and non technical stakeholders understand risks and prioritize mitigations effectively. Shape Mistral AI's security strategy by contributing attacker informed perspectives to threat modeling, risk assessment, and architectural decisions. About you You're likely a strong fit if you bring: 7+ years of offensive security experience, with a track record of identifying and exploiting subtle vulnerabilities in complex systems-or equivalent expertise demonstrated through exceptional achievements. Deep knowledge of AI/ML security risks, including prompt injection, data leakage, model manipulation, and abuses of dynamic UI components. Hands on experience assessing modern technology stacks, such as: Custom Kubernetes deployments and containerized environments Cloud native architectures (AWS, GCP, or Azure) CI/CD pipelines and GitHub security best practices macOS/Linux internals and Python/React based applications Data science toolchains and AI/ML infrastructure A builder's mindset: The ability to write robust tools, automate offensive workflows, and contribute to defensive solutions in complex codebases. Strong intuition for trust boundaries and risk assessment in fast moving, high stakes environments. Outstanding communication skills, with the ability to distill technical nuances into compelling narratives that drive change. A collaborative spirit, eager to work alongside engineers, researchers, and product teams to embed security into every phase of development. Now, it would be ideal if you had experience with: Background in AI, data science, or related fields, with an understanding of how security intersects with model behavior and system design. Experience in high growth startups or research driven organizations, where agility and innovation are paramount. Expertise in adjacent disciplines, such as software engineering, detection engineering, SRE, or security architecture. Location & Remote This role is based in one of our European offices (Paris, France and London, UK). We will only consider candidates who either reside or are open to relocating there. We strongly believe in the value of in person collaboration and we encourage going to the office as much as we can (at least 3 days per week) to create bonds and smooth communication. Our remote policy aims to provide flexibility, improve work life balance and increase productivity. What we offer Competitive salary and equity (stock options) ️ Health insurance Transportation allowance Sport allowance Meal vouchers Private pension plan Generous parental leave policy Visa sponsorship By applying, you agree to our Applicant Privacy Policy.

Tesco UK • Welwyn Garden City • Hybrid • Full-Time • Working hours 36 • Apply by 04-May-2026 As a Cyber Security Detection Engineer, you will lead the development, implementation, and continuous improvement of Tesco's cyber security detection capability. You will be required to understand the changing threat landscape, see opportunities for improvement in existing detections, establish new detections, and ensure appropriate detection coverage for the organisation. You will work closely with multiple teams, including security operations, engineering, and risk & compliance, in a fast paced and agile environment. What is in it for you We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work. Click Here to find out more! Annual bonus scheme of up to 20% of base salary Holiday starting at 25 days plus a personal day (plus Bank holidays) Private medical insurance 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 4 weeks fully paid paternity leave Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing You will be responsible for Responsible for developing and driving the cyber security detection capability both day-today and strategically for the Tesco Group. You are expected to seek out effective and comprehensive detection logic and capability, ensuring detections are robust and not brittle, thoroughly tested, and that alerts and supporting information is available to and understood by operational cyber security teams. You are expected to put the needs of operational teams and incident responders at the centre of your development work, ensuring detections and alerts are relevant, of value, and have practical response steps. You will need to ensure detection capability is fit for both onpremises, private and public cloud environments, working at significant scale, and across a diverse range of asset types. In addition, you may provide support during cyber security incidents, participate in threat hunts, and work with other security teams to deliver automation and standardisation to improve efficiency and response. You will need Relevant Operational skills: Ability to assess and validate information from various sources on cyber and informational security threats to business Ability to analyse and identify significance of processed intelligence to identify trends, threat actor TTPs and potential capabilities Ability to break down and translate information into tangible actionable data Secure & Test-Driven Engineering: Understanding of cyber security threat frameworks such as MITRE ATT&CK, Lockheed Martin Killchain etc. 2 Ability to specify/implement processes to maintain required level of security for a component/product/system during its lifecycle Proficient at detection development lifecycle covering all reasonable positive and negative test cases Ability to conduct code reviews of existing content and processes to identify and enhance or mitigate security issues Contribute to security evaluation of or testing of threat/vulnerabilities faced by systems Applies recognised evaluation/testing methodologies, tools and techniques to signature development / reviews, suggesting new ones where appropriate Research: Ability to quantify and define research goals to generate worthwhile relevant detection ideas for further testing and exploration Ability to summarise findings or technical information to be disseminated with wider teams, factoring in business knowledge and summaries Experience relevant for this role: Ability to develop queries and enable robust detection of threats Working knowledge of Windows, macOS or Linux operating systems Ability to work independently as well as part of a team Understanding of modern attacker TTPs Translate threat intelligence into actionable detection logic Solid grasp of detection technologies A broad understanding of security concepts; an interest and passion for cyber security An analytical approach; ability in problem solving and comfortable working on production systems at scale Query languages such as KQL or SPL Experience developing and maintaining basic automation scripts (e.g., Bash, Python, Batch, PowerShell etc.) Desirable Skills and Experience: Knowledge of cloud infrastructure, cloud security and cloud APIs a plus Knowledge of attacker tools and evasion techniques within offensive engineering Working knowledge of at least one major programming language, including scripting languages like Python and PowerShell Experience of developing detections as code Desirable Certifications: One or more from: CompTIA Security+, GIAC, CEH, SSCP. Where appropriate other industry relevant certifications will be considered About us Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. For further information on the accessibility support we can offer, please click here. We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate. If you are applying internally, please speak to the Hiring Manager about how this can work for you - Everyone is welcome at Tesco.