Just finished the PANW onsite for a senior security engineer role (AppSec-adjacent). This was a virtual onsite across four 55-minute sessions on a Thursday. Writing it up in detail because I found fragmented info when prepping and wanted to give someone the full picture.
Round 1: Coding Graph problem, medium difficulty. Cycle detection variant. I coded in Python. Interviewer was an SWE from the Cortex team, didn't have deep security background himself, was focused purely on code quality and communication.
Round 2: System Design Design a distributed rate-limiting service for an API gateway that might be protecting against DDoS-style abuse. Security context baked in. Talked through token bucket vs. leaky bucket, how to keep rate limit state consistent across nodes, Redis as a fast in-memory layer with Postgres fallback for auditing. They pushed on: what if Redis goes down? What if your network partition splits the rate-limit state?
Round 3: Behavioral / Values One interviewer, felt more like a conversation than an interrogation. Questions: tell me about a conflict with a teammate, tell me about a security incident you were involved in and what you learned, and one 'where do you want to be in three years.' Roughly 30 min behavioral, 20 min for my questions to them.
Round 4: Hiring Manager Was the actual hiring manager for the team. This round felt the most like a mutual evaluation. She asked about my preferred working style, how I handle unclear requirements, and we spent probably 15 min talking about the team's current roadmap. Read the PANW blog and their recent product announcements before this round. She noticed I'd done homework.
Logistics: All Zoom. No whiteboard, CoderPad for coding, Excalidraw link shared for system design. Debrief took 6 business days. Offer came on day 7.
Happy to answer questions.