Atlassian Interview Experience for Product Security Engineer (On-Campus)

Year- 2023, Role-Product security engg

So when i got shortlisted for interview, i didn’t get many experiences that could help me prepare and know what i may face.

Preparation:

I’d say this video was my lifesaver – https://youtu.be/GM9yGj5tdHc?feature=shared
Most of the question were in line with this video
Interview bit helped me alot, study topics from networks, cybersecurity etc
– How does vpn work

– How dns works

– Questions on symmetric and asymmetric encryption

– A situational question where you’re asked how you would defend a website – they want to know how you would approach this. Thinking like a hacker kinda helps here, you try to find vulnerabilities

– Some vulnerability types like XSS and SQL injection (v v imp)

– Difference between encryption and hashing

– How TLS handshake works

you can refer to this link – https://shareg.pt/HPZBEQ5

Interview Experience

I had 2 rounds :

• First was Technical and theory based {went on for ~1hr)
• Second round was HR ( went on for ~35mins)

So first i was asked for introduction, i made sure I mentioned that i already did a course on Info security(if u havent done it , its not a big deal), but make sure u mention it if u have done something along the lines of what the interviewer expects.

I was asked to share my screen and open a hackerrank link so that i could start coding

The Ques was that we are given an IP address and also given an array of blocked IP addresses, blocked prefixes, and blocked ports
we needed to return if the provided IP address works or not

So i stared coding in c++(it would have been simpler to code with python but im not that comfortable and confident), i told him a logic and was constantly making sure that we are on the same page, i debugged my code and tried to confirm if he is okay with the solution

After that we moved on to the security round, i was asked a lot of Ques from the set mentioned above, same i made sure he understood what i was saying (i was extremely nervous and was not understandable at some time :P)

Also i have done two projects one was on MERN stack and other was MySql, so i made sure i included and interconnected the question with my project in my MERN project I used Authentication and Authorization using JWT token, bycrypt lib(for hashing pass) and hence explained how i used it in my mysql project I interconnected it w SQL injections etc.

I got a call for round 2 and HR was pretty chill, he asked questions about, how will u work in a team, gave mayn situation,

My extracurricular side is quite active, so i gave examples from both my technical and non technical experience.

TIPS:

1. make sure u communicate
2. Ask questions, ask for feedback
3. u must have read about thinking aloud, do it as much as u can, there is nothing as such speaking more
4. for the coding ques, ask for testcases, contraints, verify logic, be interactive
5. Please be confident.

Thats all, i have been selected as a product security engg.

BEST WISHES, hope this was helpful