Just wrapped my PANW loop last month, accepted an offer last week so figured I'd share while it's fresh.
Rounds: Recruiter screen, 30 min. Standard stuff. She was actually well-informed about the role, which is not always true. Technical screen with a security engineer. 45 min. Threat modeling exercise: given a simplified cloud WAF architecture, find the attack surface. No LC-style coding, pure security reasoning. Panel day, 4 back-to-back: Systems design: design a scalable log aggregation pipeline with anomaly flagging. Pretty open-ended. Security depth: I got CVE analysis and asked to explain exploit chain and remediation trade-offs. Behavioral: your standard STAR stuff, but heavy on "tell me about a time you influenced without authority" and cross-team stuff. Hiring manager: strategic, more conversational. Where do you see threat detection going in 3 years.
Surprises: The security depth round is legit. They're not faking it. The interviewer pushed back on my remediation answer and wanted to debate patching vs. compensating controls trade-offs. Actually kind of refreshing.
Level calibration happened during the HM round. They offered one level below what I asked, we negotiated and landed mid.
Overall: a real interview, not a checkbox exercise.