Hi, I've done my research on Amazon interviews and I know how appsec interviews play out. How different will pentesting interview be? Where will these differences show up? It's two parts: - tech phone screening - onsite Thanks! Tc: 100k - offsec consultant 4 yoe
It is similar to appsec interviews. It may contain code review as well. Be prepared to internals of nmap. Go through this: https://nmap.org/book/man.html. Also be prepared to pentest lifecycle, TTPs etc. Job description is very important. Cover all the stuff in the JD. Be prepared to general domain knowledge in security (https://github.com/gracenolan/Notes/blob/master/interview-study-notes-for-security-engineering.md). It will be pretty much similar from my experience but it varies depending on the interviewer. They may ask anything. Prepare 2-3 examples for each LP.
Thanks IBM! To clarify, do they ever ask LP questions during the technical rounds? My recruiter said they can, but its likely not in-depth as it's team dependent.
Yes they can ask and it is up to the interviewer. If they want they can ask a leetcode question or sometimes they may ask a kind of modified versions of them. If you solve easy/medium array manipulation questions that would be fine as long as it is not a security swe. If it is they may ask other DS questions as well as they ask for regular SWE.
Thank you Microsoft :)