How often are new jobs added?

New internships are added continuously throughout the day. We monitor company career pages and hiring tools in real time, so most roles appear on InternshipsHQ shortly after they’re posted.

Why can I only view a limited number per day on the free plan?

The free plan is designed to let you explore the platform and see how fresh the listings are. Limits help us prioritize serious applicants and keep the signal high. Pro removes these limits and gives you full access.

What sources do you pull internships from?

We source internships directly from company career pages, startup hiring platforms, and applicant tracking systems like Greenhouse, Lever, Ashby, Workable, and others. This helps us surface roles earlier and avoid repost-heavy job boards.

Are these internships legitimate?

Yes. We actively filter out expired, duplicate, misleading, and low-quality listings. Each role is checked for legitimacy and posting freshness so you’re not wasting time on dead or fake opportunities.

Can I filter by location, experience level, remote, or salary?

Yes. You can filter internships by role, location, experience level, remote or hybrid status, and pay when available. Pro users get access to more advanced and saved filters.

Why are early alerts so important?

For internships, timing matters more than volume. Most callbacks happen when roles are still new and applicant pools are small. Early alerts help you apply before listings get flooded.

Do you show salary or pay information?

When companies include pay information, we display it clearly. Not all internships list salary upfront, but we prioritize transparency whenever the data is available.

Is InternshipsHQ suitable for senior or experienced roles?

InternshipsHQ is primarily built for internships, entry-level, and early-career roles. If you’re looking for senior or leadership positions, you may find limited results here.

INTERNSHIP DETAILS

Security Research Intern

CompanyMicrosoft

LocationIsrael

Work ModeOn Site

PostedMay 6, 2026

Internship Information

Core Responsibilities

Investigate advanced attacker tactics and techniques to develop high-fidelity protection logic across complex kill-chains. Collaborate with engineering teams to translate research insights into automated, production-ready code that disrupts threats in real-time.

Internship Type

full time

Company Size

230427

Visa Sponsorship

Language

English

Working Hours

40 hours

Apply Now →

You'll be redirected to
the company's application page

About The Company

Every company has a mission. What's ours? To empower every person and every organization to achieve more. We believe technology can and should be a force for good and that meaningful innovation contributes to a brighter world in the future and today. Our culture doesn’t just encourage curiosity; it embraces it. Each day we make progress together by showing up as our authentic selves. We show up with a learn-it-all mentality. We show up cheering on others, knowing their success doesn't diminish our own. We show up every day open to learning our own biases, changing our behavior, and inviting in differences. Because impact matters. Microsoft operates in 190 countries and is made up of approximately 228,000 passionate employees worldwide.

About the Role

Overview

Come build community, explore your passions and do your best work at Microsoft with thousands of University interns from every corner of the world. This opportunity will allow you to bring your aspirations, talent, potential—and excitement for the journey ahead.  

As a Security Research Intern in the Autonomous Attack Disruption team, you will join the frontlines of Microsoft Defender’s mission to stop attacks in near real-time. Under the mentorship of experienced researchers, you will analyze real-world attacker TTPs (Tactics, Techniques, andProcedures), reasoning over large-scale datasets to write logic that autonomously identifies and disrupts attackers before they can achieve their objectives. You will investigate nation state attacks, from triage through full investigation to identify gaps in our detection and autonomous protection, extracting relevant TTPs and identifying new techniques used by nation state.

This role requires threat research expertise, attack investigation and analysis capabilities, with specific focus on sophisticated threats. This is your chance to identify the next nation state attack, and see your research findings transformed into live defense logic that protects millions of users. For doing that – you'll use all of reach data and platforms – frontier AI tools and flows to also build methodologies and tools to improve and automate invesitigation research.

At Microsoft, interns are embedded directly into research cycles, working on high-stakes projects that solve real-world security challenges. You will collaborate with global teams to translate complex research into automated protection logic that stops attackers in near real-time. You’ll be empowered to build community, explore your passions, and achieve your goals. This is yourchance to bring your solutions and ideas to life while working on cutting-edge technology.

Responsibilities

Investigate real-world nation state attacks to support the development of high-fidelity protection logic across complex cross-domain kill-chains.

Apply security expertise to analyze massive telemetry sets using big-data query languages (KQL), reasoning over data to identify novel malicious patterns and engineer evidence-based detection rules.

Contribute to the implementation and coding of automated capabilities that autonomously investigate nation state threats, using AI assisted tooling and agentic flows.

Assist in the refinement of protection coverage by analyzing real-world attack telemetry to improve the accuracy and performance of existing detection logics.

Contribute to a strategic feedback loop by documenting findings from attack data analysis to improve overall protection logic and system-wide security posture.

Partner with engineering and product teams to translate research insights into production-ready code, helping to validate protection concepts and ship them at a global scale.

Qualifications

Required Qualifications

Must have at least 3 additional semesters before graduation – graduation date Summer 27 or later.

Proven hands-on experience in security research, threat hunting, or detection engineering roles (e.g., from specialized military service, previous internships, or a significant portfolio of independent research/investigation).
A proven "Hunter" mindset with a track record of identifying novel malicious patterns.

Basic proficiency in Python, C# or similar languages, with a focus on writing clean, functional, and scalable code.
Basic knowledge in query languages such as KQL, SQL or similar, as well as data analysis tools such as dashboards, pandas and similar.

Preferred Qualifications

Currently pursuing a Bachelor's or Masters Degree in Statistics, Mathematics, Computer Science or related field.

Deep understanding of the modern threat landscape, including hands-on familiarity with lateral movement techniques, credential theft, or cloud-native attack vectors.

Previous experience reasoning over large-scale datasets using big-data query languages (KQL/Kusto, SQL, or similar) to identify novel malicious patterns and drive evidence-based research decisions.

This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance with religious accommodations and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Key Skills

Security ResearchThreat HuntingDetection EngineeringPythonC#KQLBig Data AnalysisTelemetry AnalysisMalware AnalysisCloud-native Attack VectorsLateral Movement TechniquesCredential TheftAutomated Protection LogicKill-chain Analysis