MSTIC Cyber Security Apprenticeship

Microsoft Threat Intelligence Center provides unique insight on threat to protect Microsoft and our customers. We have unique optics into end-to-end cyber-attacks: we connect the dots and show the art of the possible. Our analysis is underpinned by a range of talented people and disciplines. That is what is needed to take advantage of the breadth of threat intelligence-related signals that we have to deliver protection at global scale. 

You will have the opportunity to track sophisticated actors who conduct cyber-attacks against Microsoft and our customers. You will

• Apply technical knowledge of their capabilities, infrastructure, and techniques to enhance detections and provide actionable intelligence to partner teams.
• Partner closely with internal security teams as well as our product security research and engineering team to ensure intelligence is used to best effect to protect Microsoft and customers. 

You will identify new data sources for threat hunting to fill gaps and increase visibility. Security is truly a team sport and you will understand the value of partnerships and information sharing to further investigations and threat hunting. 

This role is an opportunity to combine earning a Cyber Security Level 6 degree with hands-on cyber threat intelligence experience as part of a team with worldwide recognition. Intelligence assessment, malware analysis, security research, program management, software engineering, large scale data analysis, machine learning & AI, … provide an immense variety of challenges and opportunities as part of our work. 

Responsibilities

• Provide threat intelligence to protect Microsoft and our customers. 
• Develop novel ways to derive intelligence value. 
• Accelerate analyst insights through cutting-edge malware and other analysis tooling run at cloud scale. 
• Build systems and pipelines to ensure that our intelligence leads to global real-world protection impact.  

Being a Microsoft Apprentice
As a Microsoft Apprentice, you will have the opportunity to start your career early, earn while you learn, and gain valuable experience. We believe in providing real responsibility from the outset, with an employment contract for the full duration of your apprenticeship. You will be an integral part of the team, contributing to meaningful projects and initiatives to drive impact.

What to Expect:
Support and Guidance: You will be fully supported by an apprentice buddy, your manager, and fellow team members. Our managers are trained and ready to support you throughout your apprenticeship programme.

Learning and Development: You will spend time away from your job training and growing your knowledge, which you will then apply to your day-to-day role. You will complete work-based assignments and participate in modules aligned with your job responsibilities.

Community and Inclusion: You will be part of a vibrant and inclusive apprentice community. You will have opportunities to give back through our community programmes through our Employee Resource Groups

Career Growth: At Microsoft, we are committed to your growth and development. You will have access to industry-leading innovation and resources to help you succeed in your role and beyond.

Qualifications

Required Qualifications

To be eligible for this apprenticeship you must not have a degree. However, you should have:

• Level 3 qualifications by 31st August 2025 (3 A-levels grade A*-C, BTEC Nationals, T Levels or equivalent).
• Obtained 5 GSCEs including Maths and English grades A*-C or 9-4 on the new grading system.
• You need to be legally authorised (have citizenship or a valid visa/work permit) to work in the UK to be eligible for this role. 
• Curiosity and passion for problem solving; ability to learn new skills quickly and apply them to threat tracking problems in MSTIC.

Start Date: September 2025

Preferred Qualifications

• Knowledge of security/threat landscape. 
• Threat intelligence investigation techniques 
• Network and host defence.
• Understanding of cyber espionage motivations, tools and infrastructure. 
• Attribution of activity to specific threat groups 
• Assessing connections between established threat groups and communicating attribution assessments to internal stakeholders and customers in a timely manner.  
• Finding new threat actor intrusions previously undetected by defence teams and tools 
• Deep understanding of endpoint, cloud, network, and identity-based attacks and datasets. 
• Reverse engineering 
• Azure DevOps or similar cloud-based development experience. 
• Development skills with C, C++, C# and scripting languages (Python/PowerShell/JS). 
• Cloud (services, serverless, SQL/NOSQL)  
• Backend development  
• Architecture and Design for scalable, distributed systems  
• Big data, data pipelines  
• Excellent interpersonal skills, with the ability to articulate the business need for security and technical improvements. 

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.