Research Intern - Firmware Security

Microsoft•Redmond, WA

2d•Onsite

About The Position

Research Internships at Microsoft provide a dynamic environment for research careers with a network of world-class research labs led by globally-recognized scientists and engineers, who pursue innovation in a range of scientific and technical disciplines to help solve complex challenges in diverse fields, including computing, healthcare, economics, and the environment. Come build community, explore your passions, and do your best work at Microsoft with thousands of Research Interns from every corner of the world. The Systems Planning and Architecture (SPARC) organization within Azure Hardware Systems & Infrastructure (AHSI) manages Azure’s hardware roadmap from architecture concept through production, helping power Microsoft’s “Intelligent Cloud” mission. During this Research Internship, you’ll focus on applied research and prototyping: how to use large language models (LLMs) to improve firmware code reviews and static analysis workflows. You’ll explore techniques that combine traditional static analysis outputs with LLM reasoning, including approaches that correlate findings across multiple tools, deduplicate results, and help engineers prioritize issues with better explanations and context.

Requirements

Currently pursuing a master’s or PhD in Computer Science, Computer Engineering, Electrical Engineering, or a related field.
At least one semester/quarter remaining after the completion of the internship.
Experience with programming in at least one of the following: Python, C/C++, Rust, or similar, and comfort reading systems-level code (firmware/OS/hardware-adjacent code).
Research Interns are expected to be physically located in their manager’s Microsoft worksite location for the duration of their internship.
In addition to the qualifications below, you’ll need to submit a minimum of two reference letters for this position as well as a cover letter and any relevant work or research samples. After you submit your application, a request for letters may be sent to your list of references on your behalf. Note that reference letters cannot be requested until after you have submitted your application, and furthermore, that they might not be automatically requested for all candidates. You may wish to alert your letter writers in advance, so they will be ready to submit your letter.

Nice To Haves

Familiarity with static analysis concepts and outputs (findings, taint/dataflow, call graphs, rule-based detections) and an interest in improving developer experience and review quality.
Exposure to firmware or embedded systems development, secure boot/update pipelines, or security review methods used for privileged code.
Interest in applying LLMs to security engineering problems, including vulnerability discovery and remediation workflows.

Responsibilities

Research and prototype ways to apply LLMs to firmware-focused code review, including summarization of findings, reasoning over call stacks, and generating actionable reviewer guidance.
Integrate and evaluate LLM-driven approaches alongside existing static analysis tools used in firmware pipelines, with attention to false positives, deduplication, and explainability.
Experiment with “agentic” or multi-step workflows that combine tool outputs (e.g., static analysis) with LLM reasoning to verify or refute findings and improve signal quality.
Collaborate with firmware, security, and systems engineers to define success metrics and validate prototypes on representative firmware codebases and workflows.
Document results and present recommendations that help scale secure firmware development and review practices.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume