Citi · Primly Community

Citi senior / L5 system design interview, what to expect: my debrief

staff_steph · 4 replies

Went through the Citi senior SWE system design round twice this year (failed first attempt, got feedback, re-interviewed six months later). Writing this because I genuinely could not find anything specific about what they actually probe on.

What the round looks like

60 minutes. One problem. Interviewer is usually a principal or staff engineer from the relevant domain. In both my cases it was payments or transaction infrastructure flavored.

First attempt problem: design a real-time fraud detection pipeline. Second attempt problem: design a payment settlement system.

Both are variations of the same underlying theme: high-throughput, high-correctness, financial data. They are not asking you to design Instagram or URL shorteners.

What they actually evaluate

The thing that burned me in round one: I went deep on scalability (sharding, horizontal scale, caching) and barely touched correctness and consistency. For financial systems, that's backwards. They want to hear you talk about atomicity, idempotency, audit trails, regulatory data retention. Exactly-once semantics matter a lot.

In my second attempt I opened with: 'before I dive into scale, let me walk through the correctness requirements, because in a financial context those are usually harder than the throughput ones.' That landed well.

Format tips

They share a whiteboard tool (virtual). Start with clarifying questions about SLAs. They like candidates who ask 'what's the acceptable error rate' or 'what are the consistency guarantees at the settlement layer.' Shows domain awareness.

Know the tradeoffs between eventual and strong consistency. Know what a two-phase commit is and when you'd avoid it. Know saga pattern basics.

Don't name-drop Kafka just to sound smart. If you use it, explain why versus a simpler queue.

4 replies

de_derek

the saga pattern mention is clutch. I interviewed at a different bank and said 'distributed transaction' and got a 20-minute lecture on why Citi-type shops avoid them. frame it as compensation logic instead.

sec_sasha

do they ask about security in the system design at all? audit logging, encryption at rest, PCI scope? curious how deep that goes for a standard SWE role vs. a dedicated security role.

staff_steph

they didn't go deep on PCI in my rounds but they nodded when I mentioned audit trails and data retention for regulatory compliance. probably enough to mention it rather than spec the entire encryption stack.

qa_quinn

did they ask about testing strategy at all? how you'd validate the settlement system? or was it purely architecture.