REQUIRED QUALIFICATIONS

To be eligible for this apprenticeship you must not have a degree. However, you should have:

• Level 3 qualifications by 31st August 2025 (3 A-levels grade A*-C, BTEC Nationals, T Levels or equivalent).
• Obtained 5 GSCEs including Maths and English grades A*-C or 9-4 on the new grading system.
• You need to be legally authorised (have citizenship or a valid visa/work permit) to work in the UK to be eligible for this role.
• Curiosity and passion for problem solving; ability to learn new skills quickly and apply them to threat tracking problems in MSTIC.

Start Date: September 2025

PREFERRED QUALIFICATIONS

• Knowledge of security/threat landscape.
• Threat intelligence investigation techniques
• Network and host defence.
• Understanding of cyber espionage motivations, tools and infrastructure.
• Attribution of activity to specific threat groups
• Assessing connections between established threat groups and communicating attribution assessments to internal stakeholders and customers in a timely manner.
• Finding new threat actor intrusions previously undetected by defence teams and tools
• Deep understanding of endpoint, cloud, network, and identity-based attacks and datasets.
• Reverse engineering
• Azure DevOps or similar cloud-based development experience.
• Development skills with C, C++, C# and scripting languages (Python/PowerShell/JS).
• Cloud (services, serverless, SQL/NOSQL)
• Backend development
• Architecture and Design for scalable, distributed systems
• Big data, data pipelines
• Excellent interpersonal skills, with the ability to articulate the business need for security and technical improvements.

• Provide threat intelligence to protect Microsoft and our customers.
• Develop novel ways to derive intelligence value.
• Accelerate analyst insights through cutting-edge malware and other analysis tooling run at cloud scale.
• Build systems and pipelines to ensure that our intelligence leads to global real-world protection impact.