This website uses cookies to ensure you get the best experience.

StrangeBee and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, that is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor
Skip to main content
Platform · France · Hybrid

AI Software Engineer (LLM, MCP...)

About us

StrangeBee is a European cybersecurity software company specializing in Incident Response.

Founded in 2018 by the creators of TheHive and Cortex, StrangeBee was built on the success of tools that quickly became widely adopted within the cybersecurity community. What started as open-source initiatives evolved into enterprise-grade solutions trusted by organizations worldwide.

Today, TheHive is recognized as a leading incident response platform, empowering thousands of security analysts to detect, investigate, and respond to cyber threats efficiently.

StrangeBee now operates as a fully commercial software vendor, focused on delivering robust, scalable, and continuously evolving solutions tailored to the needs of modern security teams.

Our ambition is clear: strengthen our product ecosystem, meet the fast-growing demands of the cybersecurity market, and establish StrangeBee as a global leader in incident response platforms.

We are growing fast — and we’re looking for people who want to grow with us.

Job description

Join StrangeBee to build the future of AI-powered incident response. As an AI Software Engineer (LLM, MCP, AI Agents), you will be at the forefront of innovation, designing and deploying AI capabilities directly embedded into TheHive and Cortex.

Your mission is to transform how SOC analysts work by integrating advanced LLM-driven features, intelligent agents, and automation into mission-critical cybersecurity workflows. You will bridge cutting-edge AI research with production-grade software used by thousands of security professionals worldwide.

Responsibilities

AI Solutions Development

  • Design and build integrations between TheHive and Large Language Models (LLMs), embedding AI capabilities directly into analysts’ workflows.

  • Design and implement AI agents to automate incident triage, observable enrichment, and customer feedback analysis.

  • Integrate LLM-powered features into TheHive and Cortex to enhance user experience and analyst productivity.

  • Contribute to the architecture of scalable, secure AI systems embedded within enterprise-grade products.

Innovation & Production

  • Rapidly prototype and evaluate new AI use cases in cybersecurity (log analysis, pattern detection, report generation, knowledge assistance).

  • Deploy and maintain AI services and models in production environments (Docker, CI/CD, cloud infrastructure).

  • Ensure monitoring, observability, performance optimization, and cost control of AI systems.

  • Implement automated evaluation frameworks (LLM evals) to ensure reliability, quality, and continuous improvement.

  • Document your work and share knowledge internally to strengthen AI expertise across the company.

Success in the First 6–12 Months

  • AI integrations with TheHive are deployed, stable, and actively used by customers.

  • LLM-driven features significantly improve analyst efficiency and product experience.

  • A robust automated evaluation system ensures output quality and reliability.

  • You actively contribute to internal knowledge sharing (technical talks, documentation, best practices).

Requirements

AI & LLM Expertise

  • Strong understanding of Large Language Models: architecture, training principles, fine-tuning, prompt engineering.

  • Experience building AI-powered applications in production.

  • Knowledge of Model Context Protocol (MCP) or ability to ramp up quickly.

  • Understanding of AI security risks (prompt injection, data leakage, model misuse).

Software Engineering

  • Minimum 5 years of experience in software development.

  • Strong proficiency in Go (or equivalent such as Python, Rust, Java) with the ability to quickly contribute to Go-based systems.

  • Experience designing clean, maintainable, production-ready architectures.

  • Solid understanding of testing practices (unit, integration, end-to-end).

Infrastructure & DevOps

  • Strong experience with Docker and Docker Compose.

  • Experience with CI/CD pipelines (GitHub Actions or equivalent).

  • Familiarity with cloud environments (AWS or other providers).

Bonus

  • Interest in or experience with cybersecurity.

  • Experience with vector databases and Retrieval-Augmented Generation (RAG) systems.

  • Experience working on AI agent architectures.

  • Experience optimizing LLM performance, latency, and cost in production.

You might feel hesitant to apply if you don’t match 100% of the requirements. This list is a guide, we encourage you to apply even if you are a partial match. We are building teams that innovate, not teams that simply tick every box.

Why join us

At StrangeBee, you won’t just join a company — you’ll help shape a growing European cybersecurity leader.

What makes us different is not only what we build, but how we build it.

Customer Centric
Everything we do starts with impact. We build for real security teams facing real threats. We listen carefully, challenge assumptions, and aim to deeply understand the “why” behind every need. If you care about delivering meaningful value — not just shipping features — you’ll feel at home here.

Quest for Excellence
“Good enough” is not our standard. We continuously question how we work, how we collaborate, and how we improve our product. Excellence for us means rigor, accountability, and pride in craftsmanship — whether in code, sales conversations, customer support, or internal processes.

Embrace Change
Cybersecurity evolves constantly — so do we. We encourage initiative, ideas, and constructive challenge. If you see something that could be better, you’re expected to speak up and help drive improvement. Change is not something we endure; it’s something we actively shape.

One Team
We believe performance comes from trust. We foster open communication, mutual respect, and psychological safety. Everyone’s voice matters, and collaboration goes beyond titles or departments. We succeed together.

Joining StrangeBee means working in an environment where ownership is real, standards are high, and impact is visible — while being part of a team that genuinely supports each other.

Hiring process

We aim to keep our process transparent, structured, and respectful of your time.

  1. Discovery call with the hiring team (30 minutes)
    A first conversation to understand your background, motivations, and answer your initial questions.

  2. Technical (IA) interview with the tech team (90 minutes)
    Deep dive into your experience, skills, and the role expectations.

  3. Technical (Dev) interview with the tech team (1 hour)
    Deep dive into your experience, skills, and the role expectations.

  4. Interview with the CTPO and the Head of HR (45 minutes)
    Discussion around vision, culture fit, and long-term alignment.

  5. Final discussion and offer (15 minutes)
    Alignment on expectations, compensation, and next steps.

Please note we may conduct a reference check before finalizing the offer.

Département
Platform
Locations
France
Remote status
Hybrid
Employment type
Full-time

About StrangeBee

StrangeBee is a French cybersecurity company and the creator of TheHive and Cortex, widely trusted by SOCs, CERTs, and CSIRTs around the world. Since 2018, we’ve been building powerful and scalable incident response solutions that help security teams investigate and respond to threats with confidence. Driven by real-world feedback and a strong open-source heritage, our team is passionate about innovation, collaboration, and making the digital world safer — together.

Platform · France · Hybrid

AI Software Engineer (LLM, MCP...)

Loading application form

Already working at StrangeBee?

Let’s recruit together and find your next colleague.

Applicant tracking system by Teamtailor