Notes from an Atlassian Security Intern Interviewee


As part as of my Computer Engineering degree’s requirements to graduate, I need sixty days of industry experience. The required role isn’t exactly specific to my degree - I just need to be able to confirm that it meets some criteria (i.e. the job role undertakes Engineers Australia (EA) Stage 1 Competencies, and that my supervisor is an engineer too).

I decided to apply for Atlassian, one of the biggest tech companies in Australia - however not for a Computer Engineering role (which they don’t have anyway) or Software Engineering, but instead as part of their Security personnel!

Stage 0 | The Application

Sunday 20th June

The first step was hopping onto the job classified and filling in some details (the usual contact details, portfolios, audience survey). I actually found about the job classified through my university’s Security Society Facebook page.

It was a good thing I had finished my “new” resume a week or two prior, so I could just quickly filter for my security related entries and whack them into a PDF file for attachment.

Stage 1 | HackerRank

Monday 21st June

I received an email a day later with a standard HackerRank test, commonly used to quickly filter the more competent candidates. I took the test at night after dinner; 90 minutes, 5 questions.

It had been a while since I had done any HackerRank challenges, so I also spent some time to refresh myself on the interface(*), I also did a practise question or two.

I don’t think I did exactly outstandingly well…

* I had the exam page snapped to the left half of my computer screen, and my IDE snapped to the right side. But because of the reduced page width, the input and expected output spanned between multiple lines. This actually threw me off, as I spend at least 20 minutes on the first question trying to make sense of the input and output… I then realised that the first 2-3 lines were actually part of the same input / output - and after finally making sense of the input / output; I wrote up a solution and went to the next question.

By the time I had reached question two (four questions remaining), I only had around 35 minutes left - so I was abit tilted and stressed. I also know that some programming exams deduct your score with each unsuccessful submission - so I was very apprehensive with submitting (and testing my code) as I wasn’t sure if HackerRank also has that penalty feature.

I finished the exam, however I did not pass all of the hidden cases of all of the challenges (mainly execution timeouts). Wasn’t exactly too happy with my performance; but given my setback(*) I reckon that I did the best I could.

Stage 2 | Phone Interview

Monday 28th June

The day after my exam (actually only 11 hours after I completed it), surprisingly I got an email from their principal campus recruiter telling me that I had made it to the next stage of their application process 😲 (maybe I just had high standards on my previous performance). I scheduled the phone interview for the following week as I was pretty busy with university stuff.

The recruiter went over a few screening questions and reviewed my resume just to gauge my interest and overall potential. It was a very chill and casual call, where the recruiter introduced the different security divisions within Atlassian - ProdSec, SecInt and CorpSec (the latter which the internship was open for)

She explained the different (actual) interview rounds that I would go through

The interview rounds were scheduled for the week after, at a nice and early 9am start 😴

Stage 3 - Interview Rounds

Wednesday 7th Jully

All over Zoom, because COVID-19 and all that ~

Round 1 | Values Interview

9.15 - 10am

This interview was lead by the Corporate Security Manager, where he asked me a bunch of situational questions. I was advised by the recruiter to use the STAR framework, so I tried to frame my responses using that framework.

In preparation I had jotted down some bullet points about things to think about, rather than entire paragraphs - because I knew that if I did have paragraphs I would just start reading it verbosely, and I would be less impressionable with my speaking manner.

I had some responses to the generic interview questions, such as “Tell me your biggest weakness” as well its follow-up “How did you / are you turning that weakness into something good” - too bad neither were asked; though on the bright-side it made the interview much more human-like

Round 2 | Coding Interview

10.15am - 11am

Ugh I’m hungry, should’ve eaten breakfast

During this interview with one of their Senior Security Engineers, I was given a coding problem that I had to solve whilst articulating my thoughts (standard coding pair interview). The first one was a simplistic challenge so I breezed through it.

During the second problem I decided it was time to release the Picasso in me and whip out my MS Paint skills to draw a diagram on what I was trying to do (well, I used a web whiteboard rather than Microsoft Paint, but the point still stands).
After implementing the solution (explaining what I was doing along the way), the interviewer asked me to see if I could try to write an alternative, more efficient solution (in linear time as opposed to my original O(n^2) algorithm.

After a bit of big brain coding (minus the 5 minutes of me debugging my broken code), I had come with an O(n) solution, albeit different to the solution the interviewer had! I asked the interviewer to explain the provided solution, and we spent a bit of time comparing my algorithm to the provided one.

After the interview had ended, I spent a bit of time further understanding the provided solution, and I also compared my solution with those found on the internet. I reckon my solution was actually more elegant than the ones I had googled 🥳

Round 3 | Technical Interview

11.15am - 12pm

The last interview round! I was put against a Senior Security Intelligence Analyst, and another SecInt team member who quizzed me on a bunch of security domain questions, primarily centred around network and web technologies.

I actually really enjoyed this interview, as it was a rare chance for me to blurt a whole lot of security words to people who understand what they mean 🤣

They also gave me some input queries and command outputs, which they asked me to analyse and draw inferences from (I guess it was expected since my interviewers were both part of SecInt)

It was pretty cool to meet employees from the different security divisions of Atlassian. I found the interviewers to be really friendly and approachable.

Stage 4 | ???

Is there a stage four? Who knows!
We’ll find out soon enough

Stage 4 | $$$

I’ve given myself a bit of time to decide whether or not I’d like to actually accept the offer, but… we did it!

More posts

Thoughts of a Security Educator

My reflections as a university tutor for computer security


Yet another personal website update

Web-ifying my resume!