first you have to take a codiltiy test that contains three questions. you can find all of the questions and answers online (this is not related to the actual job at all). the second interview was in zoom, I was asked to prepare myself beforehand to present two known CVE's. actually in the interview all I was asked about is the HTTP different headers and parameters. the interviewer explained that I wont be presenting the CVE's, and this was just their weird way of throwing me off so I won't be prepared for the questions about HTTP (they could just tell me not to prepare anything).