Applied for a Detection Engineer II role, remote. Five rounds total, not four like some posts I'd read. Here's the breakdown:
Round 1: Recruiter screen, 30 min. Standard background stuff. She asked what drew me to CrowdStrike specifically. Have an answer that goes beyond 'big name in security' because she will notice if you don't.
Round 2: Technical screen with a senior DE. We looked at sample telemetry data and I had to explain what I thought was happening. Not a coding test. More like: here's a weird process tree, tell me what you see. Comfortable territory if you've done any IR work.
Round 3-5 (virtual onsite, same day): Three 50-minute sessions. One on detection logic and writing behavioral rules. One on past project deep-dive, they went hard on my threat detection work at my previous job. One behavioral-only with the hiring manager.
The behavioral round surprised me. The hiring manager spent maybe 15 minutes on culture and then another 30 asking increasingly specific questions about a time I disagreed with a detection approach and how it resolved. They want to see you actually have opinions, not just execution.
Got the offer 9 days after the onsite. Total loop was 3.5 weeks from recruiter ping to offer call.