Security Engineer Interview at Google
Hi! For anyone who has gone through the security engineer interview at Google, could you tell me what to expect? Thanks! #cybersecurity #interview #security TC: 120k YoE: 2
I had a technical screening with them recently. DM me.
can you share your experience with everyone?
DM'd you. Please share your experience
Probably 3 domain knowledge/coding rounds, one role-related knowledge, and one googleyness (culture fit) round. Coding bar is lower for seceng and shouldn't be leetcode, but be versed in data structures and have a passing knowledge of coding. Domain knowledge varies a lot based on interviewer. I always use code review questions but others use more scenario-based or open-ended questions.
Getting asked open ended and scenario based questions is for only security engineer roles (where they look at app vulnerabilities etc), or even for a software engineer role in security org, for eg, building security products for encryption, data security, authentication, dB security etc ?
You probably still get at least one security round with open ended questions for SWE security loops too
[Blind] Security Engineer Interview Resources Megathread https://us.teamblind.com/s/Fp1izvtL
Thank you!
I just did a full loop with Google security in detection and response org as well as EIP …probably did like 9 interviews at this point, I lost count because I had to reinterview after changing orgs. (Still pending offer). Expect at least three rounds to have 1 coding question mixed in with open ended questions regarding scenarios or your resume experience. Half the interview is coding. I had exactly 1 Googliness interview. Expect some rounds where they ask you security trivia questions like tell me what happens when you visit Google.com or what is the difference between encoding, encryption, and hashing. Some rounds, the interviewer will pick up a random topic from what you speak about and ask you to elaborate and how to attack the protocol. What they ask depends on the engineer’s work experience. They will grill you based on some real life scenario or project they worked on and are expecting you to come up with an answer similar to how they solved the problem for their job. I was asked about crypto miners and ransomware running on a user’s machine and how I would respond to it. I was asked about how to secure VPN and attacks against it. I was asked what are some of the things I look for when conducting a risk assessment. I was asked if I saw a well known CEO at a coffee shop how would I hack into his email. These are just some examples, not sure if you would get these topics in your loop. The questions you get asked are loosely related to domain knowledge but anything is fair game. There were no repeat questions (it seems due to detailed notes being taken by every interviewer) but I have a feeling engineers make up their own questions as they wish.
I can’t find the original thread that referenced this guide. But this repo has a ton of resources on this topic. https://github.com/gracenolan/Notes/blob/master/interview-study-notes-for-security-engineering.md
This is great resource! Thank you so mich