February 4, 2026
Microsoft Logo

Firmware Security Research Intern - Microsoft- 2026

Microsoft,

Remote
$6k/mo - $11k/mo

Duration

  • 12-week internship.

The Position

During this Research Internship, you’ll focus on applied research and prototyping: how to use large language models (LLMs) to improve firmware code reviews and static analysis workflows. You’ll explore techniques that combine traditional static analysis outputs with LLM reasoning, including approaches that correlate findings across multiple tools, deduplicate results, and help engineers prioritize issues with better explanations and context. 

Responsibilities

  • Research and prototype ways to apply LLMs to firmware-focused code review, including summarization of findings, reasoning over call stacks, and generating actionable reviewer guidance.
  • Integrate and evaluate LLM-driven approaches alongside existing static analysis tools used in firmware pipelines, with attention to false positives, deduplication, and explainability.
  • Experiment with “agentic” or multi-step workflows that combine tool outputs (e.g., static analysis) with LLM reasoning to verify or refute findings and improve signal quality.
  • Collaborate with firmware, security, and systems engineers to define success metrics and validate prototypes on representative firmware codebases and workflows.
  • Document results and present recommendations that help scale secure firmware development and review practices.

Requirements

  • Currently pursuing a master’s or PhD in Computer Science, Computer Engineering, Electrical Engineering, or a related field.
  • At least one semester/quarter remaining after the completion of the internship.
  • Experience with programming in at least one of the following: Python, C/C++, Rust, or similar, and comfort reading systems-level code (firmware/OS/hardware-adjacent code).

Nice To Haves

  • Familiarity with static analysis concepts and outputs (findings, taint/dataflow, call graphs, rule-based detections) and an interest in improving developer experience and review quality.
  • Exposure to firmware or embedded systems development, secure boot/update pipelines, or security review methods used for privileged code.
  • Interest in applying LLMs to security engineering problems, including vulnerability discovery and remediation workflows. 

 

Similar Jobs

Explore More jobs