I applied through other source. I interviewed at Amazon in Apr 2017
Interview
I had a phone screen first which was an hour long asking about various security questions in depth. Most of them were the standard "what happens when you put google in a browser" variety. I found out a couple days later I was to have an onsite.
One should be excited about working at Amazon or pretend to be excited during the onsite. Given the bad press and multitude of information online I was skeptical about working there and they did not win me over. I felt office politics in the air.
Went to onsite which involved 4 hours of interviews with a lunch hour, being trapped in the same tiny pressure cooker office with white board. The people I interviewed with were great but I had a hard time keeping my face straight with the amazonian questions. Last interview was with the hiring manager but by that point I really didn't care. It was a nice visit to Seattle but the gloomy rainy weather would get to me. I feel like I avoided a bullet.
Interview questions [1]
Question 1
Take us through a process in which you found a security vulnerability in a product and "owned" the remediation of the vulnerability end to end. (asked 5+ times)
First meeting with recruiter collected all information. then meeting scheduled with Hiring Manager: Asked questions from the job description but it was vague in which domain they were looking for.
Interview questions [1]
Question 1
Experience in Threat Detection and Application Security
It's been described that I will have secure code review task and threat modelling related tasks on the technical interview, followed by Amazon's leadership principles and the star method regarding past experiences.
Online Assessment — likely a technical assessment testing security/coding fundamentals
Phone Screening — an initial conversation, probably with a recruiter or hiring manager
Loop — the full set of one-on-one interviews combining behavioral (Leadership Principles/STAR method) and technical questions
