
Cyber Security Job Interview Warm‑Up: 30 Real Coding & System‑Design Questions
The need for skilled cyber security professionals has never been greater. As organisations rapidly digitise their operations and store increasing amounts of sensitive data online, cyber threats loom large—ranging from sophisticated ransomware attacks to insider threats and state‑sponsored espionage. Against this backdrop, cyber security jobs remain some of the most in‑demand and mission‑critical roles on the market.
If you’re preparing for a cyber security interview, expect to be tested on a broad spectrum of topics—from secure coding and incident response to network security architecture and compliance standards. In many cases, companies also include problem‑solving exercises and system design scenarios to gauge how well you can apply theoretical knowledge to real‑world threats.
To help you ace these assessments, we’ve compiled 30 real coding & system‑design questions you might encounter. Each reflects a key area of cyber security—whether it’s encryption and key management, threat modelling, or designing a zero‑trust network. Along the way, we’ll offer insights and best practices so you can stand out from the crowd.
If you’re on the lookout for exciting cyber security roles in the UK, head to www.cybersecurityjobs.tech. There, you’ll discover a range of positions—covering everything from penetration testing and threat intelligence to compliance management and security operations. Let’s dive into the essentials of interview readiness.
1. Why Cyber Security Interview Preparation Matters
Cyber security involves more than just responding to attacks: it’s about building robust, defence‑in‑depth strategies that safeguard data, maintain service availability, and ensure compliance. Here’s why thorough interview prep is crucial in this domain:
Demonstrate Your Technical Depth
Cyber security demands knowledge of cryptographic protocols, network architectures, operating systems, and more.
Interviewers want to see that you can integrate these concepts to prevent and mitigate security breaches.
Showcase Your Problem-Solving Approach
Many security incidents require rapid, methodical responses.
By tackling coding challenges and scenario‑based questions with confidence, you’ll illustrate your ability to handle high‑stakes problem‑solving under pressure.
Highlight Your Adaptability
Cyber threats evolve constantly, so you must keep pace with new attack vectors and emerging vulnerabilities.
Employers will look for proof that you can learn swiftly and pivot to new security tools or processes as needed.
Emphasise Secure Coding & Architecture
The best way to reduce vulnerabilities is by designing security into systems from the start.
Strong interview performance shows you understand key concepts like least privilege, defence‑in‑depth, and secure SDLC (Software Development Life Cycle).
Validate Your Communication Skills
Security professionals often interact with stakeholders who have varying levels of technical knowledge.
If you can articulate complex security threats clearly, you’ll stand out as someone who can drive cultural buy‑in for security initiatives.
A strong showing in coding challenges and system design discussions can prove you’re equipped to defend mission‑critical systems. Now, let’s explore the key technical questions you might face.
2. 15 Real Coding Interview Questions
While not all cyber security roles require daily coding, a robust handle on secure coding practices and automation can be a major advantage. Below are 15 coding questions often encountered in security‑focused interviews—designed to assess everything from your cryptographic knowledge to your command of scripting for incident response.
Coding Question 1: Secure Password Storage
Question: Write a function to securely store user passwords, using salt and a recommended hashing algorithm.
What to focus on:
Modern hashing functions (Argon2, bcrypt, PBKDF2).
Salt generation and storage (unique per user).
Avoiding common pitfalls like unsalted hashes or reversible encryption.
Coding Question 2: Input Validation & Sanitisation
Question: Implement a routine that sanitises user‑submitted data to prevent SQL injection or cross‑site scripting (XSS).
What to focus on:
Properly handling special characters.
Use of parameterised queries or stored procedures.
Output encoding for HTML, JSON, etc.
Coding Question 3: Encrypting a File on Disk
Question: Demonstrate how you’d encrypt a file on disk using a symmetric key (e.g., AES‑256 in CBC or GCM mode).
What to focus on:
Key generation and storage.
IV (initialisation vector) usage.
Handling encryption errors and potential data corruption.
Coding Question 4: Log Parsing for Incident Response
Question: Write a script (in Python, Bash, or another language) that scans server logs for suspicious patterns, such as brute‑force attempts or repeated error codes.
What to focus on:
Pattern matching (regex or substring search).
Scalability for large log files.
Real‑time vs. batch processing.
Coding Question 5: Secure File Transfer
Question: Code a function that securely uploads files to a remote server via SFTP or an equivalent encrypted protocol.
What to focus on:
Key‑based authentication vs. passwords.
Verification of host identity (avoiding man‑in‑the‑middle).
Handling partial or interrupted file transfers.
Coding Question 6: Detecting Malware Signatures
Question: Implement a simple scanner that compares file hashes against a database of known malware signatures.
What to focus on:
Hash calculation (SHA‑256 or better).
Updating signatures securely.
Handling large files (streaming vs. loading into memory).
Coding Question 7: Token‑Based Authentication
Question: Write code for generating and validating JWT (JSON Web Tokens) for a web application’s authentication flow.
What to focus on:
Token claims (subject, expiry, issuer).
HS256 vs. RS256 signing.
Token revocation strategies and rotation.
Coding Question 8: SSL/TLS Socket
Question: Implement a simple TLS‑enabled client that connects to a server, sends data, and prints the response.
What to focus on:
SSL/TLS handshake steps.
Verifying the server’s SSL certificate chain.
Potential fallback or protocol negotiation.
Coding Question 9: Secure Session Management
Question: Create a secure session mechanism for a web application, ensuring session IDs can’t be guessed or stolen easily.
What to focus on:
Generating cryptographically random session IDs.
HTTPS‑only cookies, Secure and HttpOnly flags.
Session expiry and rotation on privilege escalation.
Coding Question 10: Automating Security Patches
Question: Write a script that queries a system for installed packages and checks for available security updates.
What to focus on:
Package manager usage (apt, yum, pip, etc.).
Identifying vulnerabilities (CVEs).
Graceful handling of failures or partial updates.
Coding Question 11: Network Packet Analysis
Question: Given a raw network capture (PCAP file), write code to extract and count HTTP requests from a particular IP address.
What to focus on:
Parsing or filtering PCAP data with libraries (e.g., Scapy, pyshark).
Handling protocols (TCP stream reassembly).
Efficiency in large data sets.
Coding Question 12: Secure API Gateway
Question: Implement a stub for an API gateway that validates API keys and rate limits incoming requests.
What to focus on:
Checking request headers or tokens.
Rate limiting (token bucket, leaky bucket).
Returning appropriate error codes (e.g., 429 for Too Many Requests).
Coding Question 13: Two‑Factor Authentication
Question: Write code that generates TOTP (Time‑Based One‑Time Password) codes, such as those used by Google Authenticator.
What to focus on:
HMAC‑based OTP generation.
Time windows (30 seconds by default).
Securely storing and sharing the secret seed.
Coding Question 14: Parsing /etc/passwd for Vulnerabilities
Question: Create a script that inspects a Unix /etc/passwd file to identify weak configurations (e.g., empty passwords).
What to focus on:
Distinguishing valid vs. invalid fields.
Checking hashed password indicators (e.g., ‘x’ or ‘!’).
Reporting misconfigurations or null values.
Coding Question 15: Logging Web Requests for SIEM
Question: Set up a microservice that logs all incoming HTTP requests to a security information and event management (SIEM) system in real time.
What to focus on:
Reliable, async log streaming (e.g., Kafka, syslog).
Structured logging with relevant fields (IP, user agent, path).
Handling SIEM downtime or rate limits.
Key Takeaways for Coding:
Security is holistic—it’s about layering encryption, sanitisation, and robust authentication, rather than relying on any single control.
Testing is vital—automated unit tests, integration tests, and vulnerability scans should all be part of your workflow.
3. 15 Security Architecture & Design Questions
Cyber security interviews rarely end with coding challenges. You’ll also need to show big‑picture thinking around designing and securing systems. Below, we present 15 architecture questions spanning network design, cloud security, incident response, and beyond.
System Design Question 1: Zero‑Trust Network
Scenario: Design a network where each user and device must be continuously authenticated and authorised.
Key Points to Discuss:
Micro‑segmentation, software‑defined perimeter.
Identity‑aware proxies, continuous monitoring.
Reducing reliance on a single network boundary.
System Design Question 2: Secure Microservices Architecture
Scenario: You’re tasked with designing a microservices architecture with minimal lateral movement if one service is compromised.
Key Points to Discuss:
Service‑to‑service authentication (mTLS, JWT).
Network segmentation using firewalls, service meshes.
Principle of least privilege in container orchestration (Kubernetes, Docker).
System Design Question 3: Incident Response Strategy
Scenario: A ransomware attack has locked down critical servers. How would you architect an IR (Incident Response) plan?
Key Points to Discuss:
Detection (SIEM, IDS/IPS).
Containment (segregating infected hosts).
Eradication and recovery (restoring from offline backups).
System Design Question 4: Cloud Security Framework
Scenario: Migrate on‑prem workloads to a public cloud, ensuring data confidentiality and integrity.
Key Points to Discuss:
Encryption at rest/in transit (KMS, SSL/TLS).
IAM policies and role‑based access.
Monitoring and logging with cloud‑native services (AWS Security Hub, Azure Sentinel).
System Design Question 5: Secure SDLC
Scenario: Define the software development life cycle for a fintech application that handles sensitive transactions.
Key Points to Discuss:
Threat modelling early in design.
Automated SAST (Static Application Security Testing) and DAST (Dynamic Testing).
Security reviews pre‑deployment and post‑deployment.
System Design Question 6: High‑Availability Firewall Setup
Scenario: Architect a perimeter firewall solution with automatic failover in case the primary node goes down.
Key Points to Discuss:
Active/active vs. active/passive configurations.
Heartbeat protocols (VRRP, HA pairs).
Log aggregation for traffic analysis.
System Design Question 7: Data Loss Prevention (DLP)
Scenario: Design a system to prevent sensitive data (like customer PII) from leaving your corporate network.
Key Points to Discuss:
Classification of data at rest and data in motion.
Detection rules (regex for credit card numbers, personal identifiers).
Blocking/quarantining suspicious egress traffic.
System Design Question 8: Secure Remote Access
Scenario: A global enterprise needs a secure remote connection for employees, without sacrificing performance.
Key Points to Discuss:
VPN solutions (IPSec, SSL VPN, or next‑gen zero‑trust).
Multi‑factor authentication.
Monitoring and anomaly detection for remote sessions.
System Design Question 9: Compliance‑Driven Architecture
Scenario: Build a system that complies with UK and EU regulations (e.g., GDPR).
Key Points to Discuss:
Data residency and encryption.
Logging user consent and data usage.
Data deletion/erasure requests (Right to be Forgotten).
System Design Question 10: Physical Security & Network Segregation
Scenario: Set up a data centre environment with minimal risk of physical tampering or eavesdropping.
Key Points to Discuss:
Secure racks, locked cages, and video surveillance.
Separate VLANs for management, internal services, DMZ.
Access controls (smart cards, biometric locks).
System Design Question 11: API Security Gateway
Scenario: You have multiple internal APIs. Design a gateway that enforces consistent security policies across all of them.
Key Points to Discuss:
Rate limiting, throttling, and WAF (Web Application Firewall).
Centralised authentication (OAuth2, OpenID Connect).
Monitoring for anomalies or abuse patterns.
System Design Question 12: Secure Logging & Monitoring
Scenario: Build a centralised logging system that reliably collects logs from hundreds of devices and servers.
Key Points to Discuss:
Syslog, SIEM, or log aggregator pipelines (ELK Stack, Splunk).
Protecting log integrity (append‑only, WORM storage).
Real‑time alerting on suspicious events.
System Design Question 13: Secure Container Deployment
Scenario: Move a monolithic app into containers without introducing new vulnerabilities.
Key Points to Discuss:
Image scanning for known CVEs.
Minimal base images, dropping root privileges.
Kubernetes (or other orchestrators) security policies (Pod Security Policies, RBAC).
System Design Question 14: Threat Modelling
Scenario: Evaluate a new payment system for potential threats, ranking them by impact and likelihood.
Key Points to Discuss:
STRIDE or DREAD frameworks (or other threat‑modelling methodologies).
Data flow diagrams identifying key assets.
Mitigation strategies (encryption, gating authentication).
System Design Question 15: SIEM Implementation
Scenario: Your organisation wants to implement a Security Information and Event Management system from scratch.
Key Points to Discuss:
Log sources (firewalls, servers, applications).
Correlation rules for advanced threat detection.
Integration with SOAR (Security Orchestration, Automation, Response).
Key Takeaways for System Design:
Approach cyber security with a layered or defence‑in‑depth mindset—no single control can handle all threats.
Context matters—design must factor in the organisation’s risk tolerance, regulatory environment, and operational budget.
4. Tips for Conquering Cyber Security Job Interviews
Succeeding in cyber security interviews requires both deep technical expertise and strong communication skills. Here are some guidelines to help you shine:
Master the Fundamentals
Refresh your knowledge of networks, encryption, and operating systems.
Understand how TCP/IP or SSL/TLS works under the hood, not just at a surface level.
Stay Current with Threats & Tools
Cyber threats evolve constantly; keep abreast of new vulnerabilities and exploit techniques.
Familiarise yourself with industry‑standard security tools (Nmap, Wireshark, Metasploit) and frameworks (MITRE ATT&CK, NIST CSF).
Emphasise Real‑World Experience
Discuss times you handled a security incident—how you detected it, contained it, and restored systems.
If you’ve done penetration testing, share interesting findings (without breaching confidentiality).
Practise Explaining Complex Topics
You may need to break down advanced concepts for non‑technical audiences—practice giving succinct, jargon‑free explanations.
Interviewers often assess how well you communicate risks to management or clients.
Show Your Adaptability
Mention that you’re open to learning new frameworks or platforms.
Companies prize candidates who can pivot quickly when faced with novel attack vectors or emerging tech.
Brush Up on Regulations & Compliance
Many organisations worry about GDPR, ISO 27001, and other standards.
Proving familiarity with compliance underscores your ability to align security measures with business requirements.
Highlight Secure Coding Practices
Even if your role isn’t purely development, knowing OWASP Top Ten or CWE (Common Weakness Enumeration) can distinguish you.
Automated scanning, code reviews, and threat modelling are crucial parts of a robust SDLC.
Understand Attack Chains
Modern attackers follow tactics, techniques, and procedures (TTPs).
Show you can identify how an intruder might move laterally or escalate privileges once inside.
Ask Insightful Questions
In the final part of the interview, ask about their incident response programme, culture of security, or training budget.
This demonstrates genuine interest and helps you evaluate if the environment suits you.
Leverage Certs & Community Involvement
If you have relevant certifications (CompTIA Security+, CISSP, OSCP, etc.), highlight them.
Active participation in CTF events, local security meetups, or open‑source projects can also impress interviewers.
Balancing your technical acumen with clear communication and a track record of continuous learning will put you in prime position to secure a top cyber security role.
5. Final Thoughts
Cyber security is a dynamic, high‑impact field—protecting critical data and systems in an increasingly digital world. By working through these 30 real coding & system‑design questions, you’re building the foundations needed to ace an interview: from securing web apps and writing robust automation scripts, to conceptualising zero‑trust networks and planning incident response strategies.
Remember, an interview is also your chance to evaluate potential employers. Explore whether they prioritise security at the executive level and whether they invest in ongoing training for their teams. Strong alignment between your professional goals and a company’s security culture can foster a long and rewarding career.
When you’re ready to make your next move, check out www.cybersecurityjobs.tech. It’s a comprehensive resource for finding cutting‑edge cyber security roles throughout the UK—spanning ethical hacking, cloud security, compliance, and more. With the right technical preparation and a passion for safeguarding digital assets, you’ll be well on your way to thriving in this ever‑evolving field.