They reached out to me as a Staff Engineer and put me in an interview with someone who asked me the most basic questions. It was like, what types of XSS are there? Why can't I use JavaScript to perform XSS on another site? Very junior questions.
Then they asked me one of those LeetCode questions because they said I would need to know how to code in order to patch vulnerabilities.
Anyway, I messaged them back before I got a yes or no and told them I wasn't interested.
My guess is I probably wouldn't have moved forward because of the coding question even though I've architected entire systems and solely maintained them in production for years.
When they asked me the Big O question I kind of shut down because it just told me that they don't have the capability to ask practical questions that relate to the role and just lazily throw in a question someone read in CTO magazine.
The security questions show me that this was either an entry-level role or the interviewer thought that low-hanging fruit is the biggest threat to web applications.
A more practical example would be showing me a crypto implementation, asking me what the threats are, is it implemented correctly, how would I fix it, and then have me actually fix it with an API provided. Instead I was being asked about why logins shouldn't be in a GET request.
The current process will produce candidates that have had a lot of schooling and little practical experience in truly securing organizations.
So, overall the experience was pretty negative. The interviewer also didn't have a personality. I felt like I was talking to a robot. I suppose it's better to stick with security companies when you are in the security industry, I'm learning.