Meta Security is looking for Security Engineer Interns with experience in Incident Response and Threat Intelligence research. You’ll work along-side Incident Responders, Intelligence Researchers and Offensive Security Engineers to identify and respond to internal and external attacks against Meta Systems. You will be working across engineering teams supporting the development of incident response automation, and threat tracking systems leveraging both industry-standard solutions as well as custom in-house tooling and datasets. Security Engineer Interns will also gain hands-on experience with tracking and responding to threats targeting Meta’s employees and infrastructure. This internship, starting Summer 2026, offers a wealth of challenging and technically stimulating security problems. We encourage self-starters and passionate security enthusiasts to apply and contribute to our mission. Teams You May Join: Security Operations - Threat Intelligence Security Operations - Incident Response

Detection & Response Security Engineer, Intern Responsibilities

Triage security alerts and support incident response in a cross-functional environment, driving incident resolution for internal and external threats.

Work on cross-functional projects to improve our capabilities to effectively detect and respond to security incidents.

Analyze and hunt for attacker techniques (through log analysis from various sources such as host and network logs) to identify potential threats and detection ideas.

Develop actions and workflows in our automation systems to improve the alert triage process (Python, SQL).

Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment.

Design and implement attack testing automation to validate detection coverage.

Track threat clusters posing threats to Meta’s infrastructure and employees.

Improve the tooling of threat cluster tracking and intelligence data integration to existing systems and various intelligence feeds.

Minimum Qualifications

Currently has, or is in the process, of obtaining a Bachelor's degree or equivalent experience in Computer Science or related field

Experience analyzing network and host-based security events

Knowledge of networking technologies, specifically TCP/IP and the related protocols

Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux

Coding/scripting experience in one or more general purpose languages

Experience with attacker tactics, techniques, and procedures

Must obtain work authorization in country of employment at the time of hire, and maintain ongoing work authorization during employment

Intent to return to full-time degree program after completion of the internship

Preferred Qualifications

Experience in Detection & Response Engineering or similar Security Engineering role

Experience designing systems used for responding to external and/or insider threats

Experience building automations and integrations using SOAR platforms

Background in security-focused software engineering, designing large scale systems and data pipelines, or offensive security

Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems

Experience with anomaly detection applicable to the insider threat detection space

Familiarity with campaign tracking techniques and skills to convert the tracking results to long term countermeasures

Familiarity with threat modeling framework, such as Diamond Model and/or MITRE ATT&CK framework

Experience with intelligence-driven threat hunting to spot suspicious activities and identify potential risks, and experience with building notebooks to automate such hunts

Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Offensive Security Testing, Detection and/or Response tooling development

About Meta

Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.

Equal Employment Opportunity

Meta is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here.

Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, fill out the Accommodations request form.

Detection & Response Security Engineer – Intern

Security Operations, Incident Response

Meta