I went through three interviews: initial HR screening, a short chat on the phone with one of the security engineers, and a conference call with the same engineer plus another one. All the interviews were pleasant. The two security engineers were very friendly and I can immediately tell that I would enjoy working with one or both of them. The technical questions were easy. I was asked to explain object-oriented programming and there was also a question on design patterns. Another one was more about discerning the candidate's creativity — what would you do to break into a person's laptop if that person left his/her laptop unattended in a room for a period of time. I was a bit surprised, though, of the lack of an on-site technical interview consisting of algorithmic and design challenges that a lot of bay area companies do. Despite the Java coding requirement for the position, they explained that the position doesn't really require much coding. It is an entry-level position that primarily deals with research of the many web application frameworks (mainly Java) and their vulnerabilities. I was offered the position a few days after the conference call. Unfortunately, the compensation package was very disappointing. I tried to negotiate for a higher base salary but was only able to get about a couple of grand extra. I eventually declined since my other offers were at least 50% more! This is too bad since their office is within biking distance of where I live now and I probably would have enjoyed working with them.