Cyber Security Job Interview Warm‑Up: 30 Real Coding & System‑Design Questions

12 min read

The need for skilled cyber security professionals has never been greater. As organisations rapidly digitise their operations and store increasing amounts of sensitive data online, cyber threats loom large—ranging from sophisticated ransomware attacks to insider threats and state‑sponsored espionage. Against this backdrop, cyber security jobs remain some of the most in‑demand and mission‑critical roles on the market.

If you’re preparing for a cyber security interview, expect to be tested on a broad spectrum of topics—from secure coding and incident response to network security architecture and compliance standards. In many cases, companies also include problem‑solving exercises and system design scenarios to gauge how well you can apply theoretical knowledge to real‑world threats.

To help you ace these assessments, we’ve compiled 30 real coding & system‑design questions you might encounter. Each reflects a key area of cyber security—whether it’s encryption and key management, threat modelling, or designing a zero‑trust network. Along the way, we’ll offer insights and best practices so you can stand out from the crowd.

If you’re on the lookout for exciting cyber security roles in the UK, head to www.cybersecurityjobs.tech. There, you’ll discover a range of positions—covering everything from penetration testing and threat intelligence to compliance management and security operations. Let’s dive into the essentials of interview readiness.

1. Why Cyber Security Interview Preparation Matters

Cyber security involves more than just responding to attacks: it’s about building robust, defence‑in‑depth strategies that safeguard data, maintain service availability, and ensure compliance. Here’s why thorough interview prep is crucial in this domain:

  1. Demonstrate Your Technical Depth

    • Cyber security demands knowledge of cryptographic protocols, network architectures, operating systems, and more.

    • Interviewers want to see that you can integrate these concepts to prevent and mitigate security breaches.

  2. Showcase Your Problem-Solving Approach

    • Many security incidents require rapid, methodical responses.

    • By tackling coding challenges and scenario‑based questions with confidence, you’ll illustrate your ability to handle high‑stakes problem‑solving under pressure.

  3. Highlight Your Adaptability

    • Cyber threats evolve constantly, so you must keep pace with new attack vectors and emerging vulnerabilities.

    • Employers will look for proof that you can learn swiftly and pivot to new security tools or processes as needed.

  4. Emphasise Secure Coding & Architecture

    • The best way to reduce vulnerabilities is by designing security into systems from the start.

    • Strong interview performance shows you understand key concepts like least privilege, defence‑in‑depth, and secure SDLC (Software Development Life Cycle).

  5. Validate Your Communication Skills

    • Security professionals often interact with stakeholders who have varying levels of technical knowledge.

    • If you can articulate complex security threats clearly, you’ll stand out as someone who can drive cultural buy‑in for security initiatives.

A strong showing in coding challenges and system design discussions can prove you’re equipped to defend mission‑critical systems. Now, let’s explore the key technical questions you might face.


2. 15 Real Coding Interview Questions

While not all cyber security roles require daily coding, a robust handle on secure coding practices and automation can be a major advantage. Below are 15 coding questions often encountered in security‑focused interviews—designed to assess everything from your cryptographic knowledge to your command of scripting for incident response.


Coding Question 1: Secure Password Storage

Question: Write a function to securely store user passwords, using salt and a recommended hashing algorithm.
What to focus on:

  • Modern hashing functions (Argon2, bcrypt, PBKDF2).

  • Salt generation and storage (unique per user).

  • Avoiding common pitfalls like unsalted hashes or reversible encryption.


Coding Question 2: Input Validation & Sanitisation

Question: Implement a routine that sanitises user‑submitted data to prevent SQL injection or cross‑site scripting (XSS).
What to focus on:

  • Properly handling special characters.

  • Use of parameterised queries or stored procedures.

  • Output encoding for HTML, JSON, etc.


Coding Question 3: Encrypting a File on Disk

Question: Demonstrate how you’d encrypt a file on disk using a symmetric key (e.g., AES‑256 in CBC or GCM mode).
What to focus on:

  • Key generation and storage.

  • IV (initialisation vector) usage.

  • Handling encryption errors and potential data corruption.


Coding Question 4: Log Parsing for Incident Response

Question: Write a script (in Python, Bash, or another language) that scans server logs for suspicious patterns, such as brute‑force attempts or repeated error codes.
What to focus on:

  • Pattern matching (regex or substring search).

  • Scalability for large log files.

  • Real‑time vs. batch processing.


Coding Question 5: Secure File Transfer

Question: Code a function that securely uploads files to a remote server via SFTP or an equivalent encrypted protocol.
What to focus on:

  • Key‑based authentication vs. passwords.

  • Verification of host identity (avoiding man‑in‑the‑middle).

  • Handling partial or interrupted file transfers.


Coding Question 6: Detecting Malware Signatures

Question: Implement a simple scanner that compares file hashes against a database of known malware signatures.
What to focus on:

  • Hash calculation (SHA‑256 or better).

  • Updating signatures securely.

  • Handling large files (streaming vs. loading into memory).


Coding Question 7: Token‑Based Authentication

Question: Write code for generating and validating JWT (JSON Web Tokens) for a web application’s authentication flow.
What to focus on:

  • Token claims (subject, expiry, issuer).

  • HS256 vs. RS256 signing.

  • Token revocation strategies and rotation.


Coding Question 8: SSL/TLS Socket

Question: Implement a simple TLS‑enabled client that connects to a server, sends data, and prints the response.
What to focus on:

  • SSL/TLS handshake steps.

  • Verifying the server’s SSL certificate chain.

  • Potential fallback or protocol negotiation.


Coding Question 9: Secure Session Management

Question: Create a secure session mechanism for a web application, ensuring session IDs can’t be guessed or stolen easily.
What to focus on:

  • Generating cryptographically random session IDs.

  • HTTPS‑only cookies, Secure and HttpOnly flags.

  • Session expiry and rotation on privilege escalation.


Coding Question 10: Automating Security Patches

Question: Write a script that queries a system for installed packages and checks for available security updates.
What to focus on:

  • Package manager usage (apt, yum, pip, etc.).

  • Identifying vulnerabilities (CVEs).

  • Graceful handling of failures or partial updates.


Coding Question 11: Network Packet Analysis

Question: Given a raw network capture (PCAP file), write code to extract and count HTTP requests from a particular IP address.
What to focus on:

  • Parsing or filtering PCAP data with libraries (e.g., Scapy, pyshark).

  • Handling protocols (TCP stream reassembly).

  • Efficiency in large data sets.


Coding Question 12: Secure API Gateway

Question: Implement a stub for an API gateway that validates API keys and rate limits incoming requests.
What to focus on:

  • Checking request headers or tokens.

  • Rate limiting (token bucket, leaky bucket).

  • Returning appropriate error codes (e.g., 429 for Too Many Requests).


Coding Question 13: Two‑Factor Authentication

Question: Write code that generates TOTP (Time‑Based One‑Time Password) codes, such as those used by Google Authenticator.
What to focus on:

  • HMAC‑based OTP generation.

  • Time windows (30 seconds by default).

  • Securely storing and sharing the secret seed.


Coding Question 14: Parsing /etc/passwd for Vulnerabilities

Question: Create a script that inspects a Unix /etc/passwd file to identify weak configurations (e.g., empty passwords).
What to focus on:

  • Distinguishing valid vs. invalid fields.

  • Checking hashed password indicators (e.g., ‘x’ or ‘!’).

  • Reporting misconfigurations or null values.


Coding Question 15: Logging Web Requests for SIEM

Question: Set up a microservice that logs all incoming HTTP requests to a security information and event management (SIEM) system in real time.
What to focus on:

  • Reliable, async log streaming (e.g., Kafka, syslog).

  • Structured logging with relevant fields (IP, user agent, path).

  • Handling SIEM downtime or rate limits.


Key Takeaways for Coding:

  • Security is holistic—it’s about layering encryption, sanitisation, and robust authentication, rather than relying on any single control.

  • Testing is vital—automated unit tests, integration tests, and vulnerability scans should all be part of your workflow.


3. 15 Security Architecture & Design Questions

Cyber security interviews rarely end with coding challenges. You’ll also need to show big‑picture thinking around designing and securing systems. Below, we present 15 architecture questions spanning network design, cloud security, incident response, and beyond.


System Design Question 1: Zero‑Trust Network

Scenario: Design a network where each user and device must be continuously authenticated and authorised.
Key Points to Discuss:

  • Micro‑segmentation, software‑defined perimeter.

  • Identity‑aware proxies, continuous monitoring.

  • Reducing reliance on a single network boundary.


System Design Question 2: Secure Microservices Architecture

Scenario: You’re tasked with designing a microservices architecture with minimal lateral movement if one service is compromised.
Key Points to Discuss:

  • Service‑to‑service authentication (mTLS, JWT).

  • Network segmentation using firewalls, service meshes.

  • Principle of least privilege in container orchestration (Kubernetes, Docker).


System Design Question 3: Incident Response Strategy

Scenario: A ransomware attack has locked down critical servers. How would you architect an IR (Incident Response) plan?
Key Points to Discuss:

  • Detection (SIEM, IDS/IPS).

  • Containment (segregating infected hosts).

  • Eradication and recovery (restoring from offline backups).


System Design Question 4: Cloud Security Framework

Scenario: Migrate on‑prem workloads to a public cloud, ensuring data confidentiality and integrity.
Key Points to Discuss:

  • Encryption at rest/in transit (KMS, SSL/TLS).

  • IAM policies and role‑based access.

  • Monitoring and logging with cloud‑native services (AWS Security Hub, Azure Sentinel).


System Design Question 5: Secure SDLC

Scenario: Define the software development life cycle for a fintech application that handles sensitive transactions.
Key Points to Discuss:

  • Threat modelling early in design.

  • Automated SAST (Static Application Security Testing) and DAST (Dynamic Testing).

  • Security reviews pre‑deployment and post‑deployment.


System Design Question 6: High‑Availability Firewall Setup

Scenario: Architect a perimeter firewall solution with automatic failover in case the primary node goes down.
Key Points to Discuss:

  • Active/active vs. active/passive configurations.

  • Heartbeat protocols (VRRP, HA pairs).

  • Log aggregation for traffic analysis.


System Design Question 7: Data Loss Prevention (DLP)

Scenario: Design a system to prevent sensitive data (like customer PII) from leaving your corporate network.
Key Points to Discuss:

  • Classification of data at rest and data in motion.

  • Detection rules (regex for credit card numbers, personal identifiers).

  • Blocking/quarantining suspicious egress traffic.


System Design Question 8: Secure Remote Access

Scenario: A global enterprise needs a secure remote connection for employees, without sacrificing performance.
Key Points to Discuss:

  • VPN solutions (IPSec, SSL VPN, or next‑gen zero‑trust).

  • Multi‑factor authentication.

  • Monitoring and anomaly detection for remote sessions.


System Design Question 9: Compliance‑Driven Architecture

Scenario: Build a system that complies with UK and EU regulations (e.g., GDPR).
Key Points to Discuss:

  • Data residency and encryption.

  • Logging user consent and data usage.

  • Data deletion/erasure requests (Right to be Forgotten).


System Design Question 10: Physical Security & Network Segregation

Scenario: Set up a data centre environment with minimal risk of physical tampering or eavesdropping.
Key Points to Discuss:

  • Secure racks, locked cages, and video surveillance.

  • Separate VLANs for management, internal services, DMZ.

  • Access controls (smart cards, biometric locks).


System Design Question 11: API Security Gateway

Scenario: You have multiple internal APIs. Design a gateway that enforces consistent security policies across all of them.
Key Points to Discuss:

  • Rate limiting, throttling, and WAF (Web Application Firewall).

  • Centralised authentication (OAuth2, OpenID Connect).

  • Monitoring for anomalies or abuse patterns.


System Design Question 12: Secure Logging & Monitoring

Scenario: Build a centralised logging system that reliably collects logs from hundreds of devices and servers.
Key Points to Discuss:

  • Syslog, SIEM, or log aggregator pipelines (ELK Stack, Splunk).

  • Protecting log integrity (append‑only, WORM storage).

  • Real‑time alerting on suspicious events.


System Design Question 13: Secure Container Deployment

Scenario: Move a monolithic app into containers without introducing new vulnerabilities.
Key Points to Discuss:

  • Image scanning for known CVEs.

  • Minimal base images, dropping root privileges.

  • Kubernetes (or other orchestrators) security policies (Pod Security Policies, RBAC).


System Design Question 14: Threat Modelling

Scenario: Evaluate a new payment system for potential threats, ranking them by impact and likelihood.
Key Points to Discuss:

  • STRIDE or DREAD frameworks (or other threat‑modelling methodologies).

  • Data flow diagrams identifying key assets.

  • Mitigation strategies (encryption, gating authentication).


System Design Question 15: SIEM Implementation

Scenario: Your organisation wants to implement a Security Information and Event Management system from scratch.
Key Points to Discuss:

  • Log sources (firewalls, servers, applications).

  • Correlation rules for advanced threat detection.

  • Integration with SOAR (Security Orchestration, Automation, Response).


Key Takeaways for System Design:

  • Approach cyber security with a layered or defence‑in‑depth mindset—no single control can handle all threats.

  • Context matters—design must factor in the organisation’s risk tolerance, regulatory environment, and operational budget.


4. Tips for Conquering Cyber Security Job Interviews

Succeeding in cyber security interviews requires both deep technical expertise and strong communication skills. Here are some guidelines to help you shine:

  1. Master the Fundamentals

    • Refresh your knowledge of networks, encryption, and operating systems.

    • Understand how TCP/IP or SSL/TLS works under the hood, not just at a surface level.

  2. Stay Current with Threats & Tools

    • Cyber threats evolve constantly; keep abreast of new vulnerabilities and exploit techniques.

    • Familiarise yourself with industry‑standard security tools (Nmap, Wireshark, Metasploit) and frameworks (MITRE ATT&CK, NIST CSF).

  3. Emphasise Real‑World Experience

    • Discuss times you handled a security incident—how you detected it, contained it, and restored systems.

    • If you’ve done penetration testing, share interesting findings (without breaching confidentiality).

  4. Practise Explaining Complex Topics

    • You may need to break down advanced concepts for non‑technical audiences—practice giving succinct, jargon‑free explanations.

    • Interviewers often assess how well you communicate risks to management or clients.

  5. Show Your Adaptability

    • Mention that you’re open to learning new frameworks or platforms.

    • Companies prize candidates who can pivot quickly when faced with novel attack vectors or emerging tech.

  6. Brush Up on Regulations & Compliance

    • Many organisations worry about GDPR, ISO 27001, and other standards.

    • Proving familiarity with compliance underscores your ability to align security measures with business requirements.

  7. Highlight Secure Coding Practices

    • Even if your role isn’t purely development, knowing OWASP Top Ten or CWE (Common Weakness Enumeration) can distinguish you.

    • Automated scanning, code reviews, and threat modelling are crucial parts of a robust SDLC.

  8. Understand Attack Chains

    • Modern attackers follow tactics, techniques, and procedures (TTPs).

    • Show you can identify how an intruder might move laterally or escalate privileges once inside.

  9. Ask Insightful Questions

    • In the final part of the interview, ask about their incident response programme, culture of security, or training budget.

    • This demonstrates genuine interest and helps you evaluate if the environment suits you.

  10. Leverage Certs & Community Involvement

  • If you have relevant certifications (CompTIA Security+, CISSP, OSCP, etc.), highlight them.

  • Active participation in CTF events, local security meetups, or open‑source projects can also impress interviewers.

Balancing your technical acumen with clear communication and a track record of continuous learning will put you in prime position to secure a top cyber security role.


5. Final Thoughts

Cyber security is a dynamic, high‑impact field—protecting critical data and systems in an increasingly digital world. By working through these 30 real coding & system‑design questions, you’re building the foundations needed to ace an interview: from securing web apps and writing robust automation scripts, to conceptualising zero‑trust networks and planning incident response strategies.

Remember, an interview is also your chance to evaluate potential employers. Explore whether they prioritise security at the executive level and whether they invest in ongoing training for their teams. Strong alignment between your professional goals and a company’s security culture can foster a long and rewarding career.

When you’re ready to make your next move, check out www.cybersecurityjobs.tech. It’s a comprehensive resource for finding cutting‑edge cyber security roles throughout the UK—spanning ethical hacking, cloud security, compliance, and more. With the right technical preparation and a passion for safeguarding digital assets, you’ll be well on your way to thriving in this ever‑evolving field.

Related Jobs

Cyber Security Engineer, Crowdstrike, SIEM - Hybrid, London 75k

Cyber Security Engineer required by a London financial brokerage (near Bank station), paying up to £75k + bonus + benefits. Hybrid role (3 days office-based). Join a focused 3-person IT Security team, reporting to the IT Security Officer, to implement and maintain robust security across their infrastructure. Key responsibilities include managing WAF/DDoS, security gateways, SIEM/SOAR/EDR, firewalls, MFA/SSO, MDM/MAM, vulnerability scans,...

Walbrook

Technical Security Analyst

Do you want to be at the forefront of cyber security, protecting people, data and systems from the evolving digital threat landscape? Are you looking to apply your technical expertise in a collaborative and forward-thinking environment?As a Technical Security Analyst, you’ll be part of our Security team who are responsible for keeping our technology, processes and people safe. You'll apply...

Almondsbury

Cyber Security Incident Response Team (CSIRT) Specialist

Help us to make a world of differenceUrenco is a global leader in the production of low carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world.We’re looking for a Cyber Security Incident Response Team (CSIRT) Specialist. Based at our Capenhurst office 2/3 days a week.At Urenco we’re committed to giving you opportunities...

Capenhurst

Cyber Security Specialist | Logrhythm

Cyber Security Specialist | LogrhythmSheffield£50,000 - £65,000 + Up to 20% Bonus10% Pension + Life Assurance + Excellent BenefitsHybrid - 3 days onsite** The business will support the application for security clearance. Due to the nature of work, the individual has to be a UK national or have lived and worked in the UK for the past 5 consecutive years....

Sheffield

Cyber Security Specialist | Logrhythm

Cyber Security Specialist | LogrhythmHatfield, Hertfordshire£50,000 - £65,000 + Up to 20% Bonus10% Pension + Life Assurance + Excellent BenefitsHybrid - 3 days onsite** The business will support the application for security clearance. Due to the nature of work, the individual has to be a UK national or have lived and worked in the UK for the past 5 consecutive...

Hatfield

Senior SOC Analyst

Senior Security Operations Centre Analyst with a strong background in security operations, threat detection, and incident response is required by Logic Engagements to work for a large scale leading organisation based in Gosport, HampshireAs a Senior SOC Analyst, you will be at the forefront of digital defence—leading incident response, improving detection mechanisms, and mentoring junior analysts.Your responsibilities will include:Analysing security...

Gosport

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Hiring?
Discover world class talent.