Tech Industry
Yesterday
511
Is The Great Salary Reset of 2024 Upon Us?
Tech Industry
Yesterday
1029
Update: Trans Coworker Stealing Breast Milk
Tech Industry
Yesterday
3202
The job market is absolutely brutal right now
Tech Industry
Yesterday
2639
Crossed a line with my boss
Tech Industry
Yesterday
702
Modi is the worst dictator!
I have a phone screen coming up for the InfoSec Eng position at Google. I have beem working on and off in InfoSec for 7 years and hold a masters degree. Anyone here who wants to share general advise without going into specifics?
leetcode and memorize the man page of everything in /usr/bin
Depends on what aspects of infosec you have experience with. Interview for me was partly coding/part about your security skills. Also get back with your experience please.
Mainly product security focussed on web apps and services. Threat model, sdr, manual code reviews (managed code), pentests. I did work on malware based IR and infra sec but in a limited way
Probably old but for the love of Blind. HMACs vs. MACs. Why it's used in the first place. WiFi vs. Wired. How a device connects to a network. Recursive vs. Authoritative DNS and workings. Read a bit about Kaminsky DNS bug and get an understanding of the threats to DNS. 802.1X and how it helps. Identity aware proxy or zero trust network. Kerberos and its working. Where's the trust of web residing (CSP, probably as per a Google post). Read the issues in CSP. Capabilities (Linux thing). Probably skip. Server side attacks. Example: SSRF and protections. Masters degree doesn't do a lot. Probably projects will matter.
They're probably going to ask you to code in Google docs or something *sigh* Interview with Salesforce instead
Hi, can you please post your interview experience here?
Browser security model is an important area for Google. Go through that.
I second that