3 Interviews and 1 Assessment. My recruiter was very nice and good to work with. First interview - super basic questions with a recruiter about web application security (XSS, hashing vs encryption, SQLi, OWASP Top 10). Just make sure you explain well, it's mainly "explain xyz" questions. They will send you an assessment after this. Assessment - multiple choice basic questions about web application security (OWASP Top 10, SQLi, IDOR, XSS, reading PHP code). Some of these questions were tricky, but if you know what you're doing, then you should be fine. Second Interview - interview with 2 team leads and it was ALL technical questions related to the basics of cybersecurity (CIA Triad, authentication, i dont remember the rest) and some application security questions like OWASP top 10, SQLi, XSS, encryption, hashing. Some of these were repeat questions from the first interview. They will probe deeper questions based on your response for clarification. They gave me example PHP code and I listed the vulnerabilities in that code (it's a super basic 10 line ish program, nothing complex) Third Interview - interview with 2 new team leads, they give you scenario questions which you can't really study for, at least for me, it was all on the spot. Additionally, these questions are more open ended and basically they want your thought process. They also probe deeper questions from the answers you give for more clarification. It was mostly technical questions with 1 behavioral question. Doing TryHackMe and HackTheBox will help at this stage since they want your thought process.