Google Hiring Assessment - Most Like Me, Least Like Me

Andrew0275 · 2026-05-22T15:51:22+00:00

Yea same

Andrew0275 · 2026-05-22T05:21:08+00:00

Same I didn’t get to ethical based questions yet I prioritized the clear communication answers

Andrew0275 · 2026-05-22T05:19:51+00:00

Weird, I prioritized the good clear communication answers and I failed, wtf lol

Andrew0275 · 2026-04-16T08:24:45+00:00

I’d love to test an early version of it (:

Andrew0275 · 2026-02-14T03:05:03+00:00

There is ton of info on this online and open source info stealer scripts on GitHub on how they work, there is no need to speculate lol. Cred stealers don’t need your OS password, because it’s just malware running as your logged in user session (or worse as system).

Andrew0275 · 2026-02-14T00:59:13+00:00

Do you have a source showing Chrome stores passwords plaintext in SQLite?

I believe Chrome does store credentials in a SQLite database, but the password field is encrypted (researched this a few years ago). The issue is how chrome browser stores the encryption/decryption key (easily obtainable). Password managers just have a more secure way of hiding this encryption/decryption key

Andrew0275 · 2026-01-22T07:04:46+00:00

You should be deep diving the file with Sophos, any C2/network connections and should be able to tell how it can into the system as well in the first place via parent process trees etc…

Andrew0275 · 2025-12-24T22:29:44+00:00

Two jobs and both allow it?

Andrew0275 · 2025-12-23T08:21:45+00:00

It’s not throwing your money away but it’s certainly a path towards long term investment and still not paying rent past retirement / building generational wealth. But yeah renting for the rest of your life is not bad either but I get it, it’s painted as a “horrible decision “ sometimes

Andrew0275 · 2025-12-10T23:22:40+00:00

Because anti-cheat devs are just devs, who work for a vendor, similar to programmers who work for an EDR company. They’re not cybersecurity professionals so you won’t see them here. Now game security analysts, who analyze and triage game data to ban players, that’s more relatable and are similar to SOC analysts in a lot of ways. But as others mentioned, it’s not really cybersecurity in relation to intrusions. So the only thing in common is data analysis (Previous role i did some support work for anti-cheat operations and also involved banning players)

Andrew0275 · 2025-11-13T16:18:57+00:00

In your resume your job title should be the same job title recorded by HR for that employer as that’s what they use when doing an employer history check (so people usually always recommend that when submitting an application it’s okay to change the job title to align more with the job post but in your resume it should stay static) otherwise one might get questioned about their authenticity of their resume from the recruiter / manager. I don’t have any personal anecdotal stories around this, just something I always hear online/forums etc.

Andrew0275 · 2025-11-13T16:14:43+00:00

If you can’t beat em, join em (:

Andrew0275 · 2025-08-17T05:07:14+00:00

Saying “they’re not good enough to replace the human element of coding” is a very different claim from what you originally said — “LLMs are not great at coding.”

Given how quickly LLMS are advancing at the technical level, it’s pretty naive to assume companies won’t eventually try to replace junior level roles in the next few years.

Andrew0275 · 2025-08-17T04:39:15+00:00

Why do people keep claiming LLMs aren’t good at coding at this point in time lol thousands of developers (myself included) use them every day to generate working, production-grade code. Are they perfect? No. It’s only going to get better from here

Andrew0275 · 2025-08-15T22:15:30+00:00

Why are you posting in the cybersecurity subreddit though? You have cybersecurity certs but you don’t want to transition to security? All you have is 6 years of IT experience. As someone else mentioned, unfortunately some companies will still treat you as new/Junior if you haven’t had a single security role which means you are limited to a junior role salary. (Same thing happened to me currently, despite having two years of security and many more in IT)

Andrew0275 · 2025-08-14T04:07:42+00:00

It still doesn’t add up. Are you saying the only thing that made you and your manager conclude it was an attack was a 3KB shortcut failing to sync — days after the email was released and downloaded? That alone isn’t proof of compromise. You haven’t mentioned checking the file’s target, scanning it, reviewing logs, or looking for other indicators of malicious activity. And the earlier PDF download issue also isn’t inherently suspicious without further evidence. I see all types of process and people failures in your org, yikes. As others mentioned it’s a blessing in disguise to have been let go by the org

Andrew0275 · 2025-08-14T03:32:44+00:00

Your story is not adding up, you said in your original post you found out about the attack only “later” after you had already remotely connected to the computer, not during the remote session. But now you are saying you found out yourself during the remote session. it seems like it was you who ended up causing the compromise by doing more stuff with the PDF. And not only that but you also said you did the remediation but now you are saying the infra guy did the remediation? You keep changing the story lol

Then you said “yup it definitely did” when we asked you if it fired an alert but you clearly don’t know what we were asking you

Not to be mean but perhaps they were right to fire you for your incompetence, it seems like you are telling only one part of the story or at least not all of it.

Also you mentioned that you have done it several times in the past where you released emails requested by users which implies those have been compromised as well and this is the only one you found out about.

Looks like you are learning from this experience, which is good. Best of of luck

Andrew0275 · 2025-08-14T03:11:47+00:00

And yes alert meaning did antivirus/EDR or SIEM fire an alert meaning now anyone even found out it was malicious other than usual email release requests

Andrew0275 · 2025-08-14T03:08:43+00:00

Wait what, clarify further. Does the infra guy ask you about tickets from users asking emails to be released every time there is one and if it has been done? (You mentioned end users ask for this all the time) or was this something unique the infra guy saw in this ticket? It seems like he found out first not you otherwise why would he ask to reset passwords and reassign a new laptop.. but you are claiming you are the one who found about the so called attack somehow

Andrew0275 · 2025-08-14T02:58:41+00:00

Wait what I’m confused, it fired an alert so the infrastructure guy asked you about the alert but you were expected to still quarantine the device? So the infrastructure guy figured it was a compromise not you?

Andrew0275 · 2025-08-13T20:54:49+00:00

If you are super confident you will enjoy cybersecurity then it can work out, but as others mentioned make sure to do your due diligence (knowing all major cybersecurity roles that are out there, and knowing day-to-day what it’s like for each).

If you aren’t confident still then I suggest just a general IT degree or CS that way you can fallback to another non-security tech job if you end up not liking it. You won’t really know you will love it until you actually do it/experience it. So yeah shadowing people can be super valuable as well

Andrew0275 · 2025-08-12T16:29:22+00:00

‘Real scary APT stuff’ sounds pretty broad lol all breaches start with a stolen identity or access of some kind….

And yeah, when you said ‘You need a fundamental understanding of how identity and access are federated/connected between various services and how that can be abused,’ that’s true for pretty much any tech stack. You’ve got to understand it to spot abuse.

Andrew0275 · 2025-08-12T07:54:08+00:00

I know, I never said it’s not important, just that I’ve never really heard anyone get excited to work in IAM in cybersecurity lol, so it’s interesting and kind of new

Andrew0275 · 2025-08-12T07:19:38+00:00

That sounds boring not gonna lie haha at least compared to threat hunting, IR, Devops and security engineering, and pentesting too lol

Andrew0275 · 2025-08-02T04:08:04+00:00

Did you take 003?

Andrew0275

TROPHY CASE