DetectionDevelopmentIntern,Fall2026

What does it take to detect real threats across a large SaaS environment? Are you curious about how enterprise security teams identify suspicious activity, build detections, and improve visibility across modern cloud and Software as a Service (SaaS) platforms? Coveo is looking for a Detection Engineering Intern to join our Security Operations Center (SOC) team. Your mission? Help us strengthen our detection coverage by building and tuning threat detection rules for the technologies that support Coveo’s production environment. The SOC team plays a key role in protecting Coveo by monitoring security activity, investigating alerts, and continuously improving our ability to detect threats across our SaaS and infrastructure footprint. As an intern, you’ll contribute to initiatives that expand our detection capabilities while gaining hands-on experience with real enterprise threat detection tools in a production environment. Your impact, day to day: Participate in daily stand-up meetings to discuss progress, roadblocks, and priorities. Collaborate with team members to ensure alignment and effective communication. Build and tune detection rules in XSIAM for different technologies, SaaS platforms, and log sources. Research how services and tools could be abused by threat actors in order to identify realistic detection opportunities. Contribute to detection coverage for platforms such as 1Password, AWS, Cortex XDR logs, and other more. Analyze logs and security telemetry to better understand user activity, system behavior, and potential indicators of suspicious activity. Take an active role in discussions around detection quality. Share your thinking, ask questions, and receive feedback to strengthen your analytical approach and technical skills. Develop your skills by drawing on your coach’s expertise. Watch, learn, and apply best practices used in security monitoring, threat detection, and detection engineering. The Essentials: You are currently studying Software Engineeri