Detection Development Intern, Fall 2026

What does it take to detect real threats across a large SaaS environment?

Are you curious about how enterprise security teams identify suspicious activity, build detections, and improve visibility across modern cloud and Software as a Service (SaaS) platforms? Coveo is looking for a Detection Engineering Intern to join our Security Operations Center (SOC) team. Your mission? Help us strengthen our detection coverage by building and tuning threat detection rules for the technologies that support Coveo’s production environment.

The SOC team plays a key role in protecting Coveo by monitoring security activity, investigating alerts, and continuously improving our ability to detect threats across our SaaS and infrastructure footprint. As an intern, you’ll contribute to initiatives that expand our detection capabilities while gaining hands-on experience with real enterprise threat detection tools in a production environment.

Your impact, day to day: 

• Participate in daily stand-up meetings to discuss progress, roadblocks, and priorities. Collaborate with team members to ensure alignment and effective communication.
• Build and tune detection rules in XSIAM for different technologies, SaaS platforms, and log sources.
• Research how services and tools could be abused by threat actors in order to identify realistic detection opportunities.
• Contribute to detection coverage for platforms such as 1Password, AWS, Cortex XDR logs, and other more.
• Analyze logs and security telemetry to better understand user activity, system behavior, and potential indicators of suspicious activity.
• Take an active role in discussions around detection quality. Share your thinking, ask questions, and receive feedback to strengthen your analytical approach and technical skills.
• Develop your skills by drawing on your coach’s expertise. Watch, learn, and apply best practices used in security monitoring, threat detection, and detection engineering.

The Essentials:

• You are currently studying Software Engineering or Computer Science in a Bachelors degree or higher in the province of Québec.
• You can be present at the office at least two days a week. Our hybrid work model offers flexibility, you can benefit from face-to-face learning from your team on office days while home days allow you to focus and complete complex work. 
• You are available to work full-time for 15 weeks and are legally entitled to do so in Canada.

Think you've got what it takes? Let's see! 

• You are curious, eager to learn, and motivated to understand how security tools and systems work.
• You are able to think analytically and consider the broader context behind security events, instead of focusing only on isolated details.
• You have an interest in threat detection, security monitoring, incident response, or detection engineering.
• You have some familiarity with security information and event management (SIEM), core concepts of security tooling.
• You have participated in some Capture The Flag competitions and/or have a few personal projects.
• You have a strong sense of ownership and are proud of what you create.

Join the Coveolife! 

Do you think you can bring this role to life? Send us your application, we want to hear from you!

We encourage all qualified candidates to apply regardless of, for example, age, gender, disability, gaps in CV, national or ethnic background.

This job description was written by humans, assisted by AI. We may leverage technology in our hiring process to help us see the person behind the resume.

Coveo is committed to providing accessible employment practices. If you require accommodation due to a disability at any point during the recruitment process, please contact HR@Coveo.com to discuss your needs.