I appeared for interview at Facebook, London for the post of Security Analyst once your resume is selected by the talent sourcer you will be getting an email that asks you to finalize your time and day for the interview.
It is usually a pretty basic round in which you need to provide some background about yourself for me the questions were like :
- How you got started in Security?
- What you do in Security?
- What are your interest areas?
Towards the end of the interview the person who was conducting my interview went slightly technical and asked me few basic questions like :
- What is XSS?
- What is SQL injection?
- Define both in one line with no technical terms.
This is where you get to know about the teams which are working at the office and roles they are playing along with a pretty in-depth technical interview like :
How would you test for SQL injections?
How would you test for XSS?
How would you patch them both?
What would you do if you get an email saying there’s a bug in the application?
At round 3 you get to go to the office in London for last 4 rounds of the interview and perform some coding questions / basic hands on test or look for bugs and patch them in some applications (tasks usually varies depending on the role and requirements).
- Know when to stop and be very careful with your methodology.
- Be yourself.
- Don’t get overwhelmed and feel pressured.
- Review basics from OWASP wiki before appearing for the interview.