Research Intern - Firmware Security

Research Internships at Microsoft provide a dynamic environment for research careers with a network of world-class research labs led by globally-recognized scientists and engineers, who pursue innovation in a range of scientific and technical disciplines to help solve complex challenges in diverse fields, including computing, healthcare, economics, and the environment.

Come build community, explore your passions, and do your best work at Microsoft with thousands of Research Interns from every corner of the world.

The Systems Planning and Architecture (SPARC) organization within Azure Hardware Systems & Infrastructure (AHSI) manages Azure’s hardware roadmap from architecture concept through production, helping power Microsoft’s “Intelligent Cloud” mission.

During this Research Internship, you’ll focus on applied research and prototyping: how to use large language models (LLMs) to improve firmware code reviews and static analysis workflows. You’ll explore techniques that combine traditional static analysis outputs with LLM reasoning, including approaches that correlate findings across multiple tools, deduplicate results, and help engineers prioritize issues with better explanations and context. 

Research Interns put inquiry and theory into practice. Alongside fellow doctoral candidates and some of the world’s best researchers, Research Interns learn, collaborate, and network for life. Research Interns not only advance their own careers, but they also contribute to exciting research and development strides. During the 12-week internship, Research Interns are paired with mentors and expected to collaborate with other Research Interns and researchers, present findings, and contribute to the vibrant life of the community. Research internships are available in all areas of research, and are offered year-round, though they typically begin in the summer.

Additional Responsibilities

• Research and prototype ways to apply LLMs to firmware-focused code review, including summarization of findings, reasoning over call stacks, and generating actionable reviewer guidance.
• Integrate and evaluate LLM-driven approaches alongside existing static analysis tools used in firmware pipelines, with attention to false positives, deduplication, and explainability.
• Experiment with “agentic” or multi-step workflows that combine tool outputs (e.g., static analysis) with LLM reasoning to verify or refute findings and improve signal quality.
• Collaborate with firmware, security, and systems engineers to define success metrics and validate prototypes on representative firmware codebases and workflows.
• Document results and present recommendations that help scale secure firmware development and review practices.

Required Qualifications

• Currently pursuing a master’s or PhD in Computer Science, Computer Engineering, Electrical Engineering, or a related field.
• At least one semester/quarter remaining after the completion of the internship.
• Experience with programming in at least one of the following: Python, C/C++, Rust, or similar, and comfort reading systems-level code (firmware/OS/hardware-adjacent code).

Other Requirements

• Research Interns are expected to be physically located in their manager’s Microsoft worksite location for the duration of their internship.
• In addition to the qualifications below, you’ll need to submit a minimum of two reference letters for this position as well as a cover letter and any relevant work or research samples. After you submit your application, a request for letters may be sent to your list of references on your behalf. Note that reference letters cannot be requested until after you have submitted your application, and furthermore, that they might not be automatically requested for all candidates. You may wish to alert your letter writers in advance, so they will be ready to submit your letter. 

Preferred Qualifications

• Familiarity with static analysis concepts and outputs (findings, taint/dataflow, call graphs, rule-based detections) and an interest in improving developer experience and review quality.
• Exposure to firmware or embedded systems development, secure boot/update pipelines, or security review methods used for privileged code.
• Interest in applying LLMs to security engineering problems, including vulnerability discovery and remediation workflows. 

Applied Sciences IC2 - The base pay range for this internship is USD $5,610 - $11,010 per month.

There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $7,270 - $12,030 per month.

Applied Sciences IC3 - The base pay range for this internship is USD $6,710 - $13,270 per month.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-intern-pay

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.