Your best bet is to go over all the info from the job post. They normally place all the info in there for what they are looking at. They will try and trick you sometimes, so just stick with what you know and say you will look it up if you don't or ask someone on the team if they do. Every interview is different, and you should know the basics. Answer from KleenHit27 on reddit.com
BankInfoSecurity
bankinfosecurity.com › whitepapers › 20-questions-to-ask-when-youre-evaluating-mdr-provider-w-9664
20 Questions To Ask When You’re Evaluating an MDR Provider
Acknowledging that attackers were not only increasing in sophistication but in the speed with which they could accomplish their objectives, MDR sought to help under-resourced security teams identify advanced threat actors and stop them before they could cause irreparable damage. As the market continues to take shape, these 20 questions are designed to qualify or disqualify a potential vendor from consideration in relation to their ability to deliver against your unique Managed Detection and Response requirements.
Reddit
reddit.com › r/cybersecurity › final tech interview coming up - threat intelligence analyst 2. what questions can i expect?
r/cybersecurity on Reddit: Final tech interview coming up - Threat Intelligence Analyst 2. What questions can I expect?
March 13, 2024 -
I have a technical interview coming up for a Level 2 Threat Intelligence Analyst role in Managed Detection and Response (MDR) division of a US-based company. To fully prepare, what kinds of questions should I expect, especially regarding technical expertise, incident response, threat analysis, and industry knowledge? I want to be absolutely prepared for anything they throw at me.
Top answer 1 of 4
6
Your best bet is to go over all the info from the job post. They normally place all the info in there for what they are looking at. They will try and trick you sometimes, so just stick with what you know and say you will look it up if you don't or ask someone on the team if they do. Every interview is different, and you should know the basics.
2 of 4
2
Is the role public facing? Public Facing: How did you deal with a customer/mssp that says your MDR is too loud and it's escalating 10 issues per day? Not Public Facing: How do you feel about working 24/7/365? hahahaha I think the typical questions (you've probably heard them at this point) are: testing your SIEM/SOAR knowledge. Since you're level 2(heading to management), There's also a chance questions are more business/customer related. E.g. How do you make sure your team doesn't disrupt the customer's business operations?
WithSecure
withsecure.com › en › expertise › resources › 14-questions-to-get-the-right-managed-detection-and-response-for-you
14 questions to get the right Managed Detection and Response for you | WithSecure™
For example, instead of saying: ... your interviewee the message that you still don’t know if it’s true, assume it is true and ask: ‘Where is the money now?’ · Our experience is that in cyber security, buyers get what they pay for. Using these CIA techniques when asking the 14 questions above will help MDR solution buyers ...
Startup Jobs
startup.jobs › interview questions › other engineering › director of information security
Director of Information Security Interview Questions
Answer Example: "I tier vendors by data sensitivity and access, run lightweight questionnaires for low-risk and deeper reviews for high-risk, and bake security clauses/DPAs into MSAs.
CyberMaxx
cybermaxx.com › home › resources › 32 questions to ask when picking an mdr vendor
32 Questions to Ask When Picking an MDR Vendor | CyberMaxx
July 4, 2024 - This question helps you understand the breadth and depth of the vendor’s MDR services, such as threat detection, incident response, threat hunting, vulnerability management, and proactive security monitoring.
ConnectWise
connectwise.com › blog › top-10-cybersecurity-interview-questions
10 Cybersecurity Interview Questions | ConnectWise
Question: Have you ever had to handle sensitive information in a previous role? If so, how did you go about it? If you’re interviewing candidates for a position with any clients that require a security clearance, or would require them to handle sensitive information, you’re going to want to ensure they’re up to the task.
IntelligentHQ
intelligenthq.com › home › common questions and answers about managed detection and response
Common Questions and Answers about Managed Detection and Response - IntelligentHQ
January 4, 2021 - One cybersecurity service is managed detection and response, and this guide will answer some questions that arise when discussing this topic.
Reddit
reddit.com › r/cybersecurity › advice if anyones taken the sophos assessment for "mdr threat analyst intern position"
r/cybersecurity on Reddit: Advice if anyones taken the Sophos Assessment for "MDR Threat Analyst Intern Position"
January 4, 2024 -
I'm a senior majoring in cybersecurity and graduate with a bachelor's in August 2024. I have a couple certs, CompTia Sec +, Cisco Networking and cybersecurity. I've applied to over 60 internships and I have heard back from a 8 of them and currently in the interview process for them. I just received an email from Sophos recruiter that I have been selected for the interview process and I will be taking a 30-min assessment, with 30 multiple choice questions. Im just wondering what the test is like and if anyones been in the hiring process for this company.
Top answer 1 of 5
2
Hey! Tbh, I got a 90% on the assessment too. It wasn't what I thought it was going to be like but hey! It's kind of what I'm looking for but at least it's a foot in the door while I take all of my certifications exams over the next 2 months to prepare.
2 of 5
2
hey, i also applied for this positions, passed that assessment test and got a call from HR regarding further interview , i guess there are two more round after this
Red Canary
redcanary.com › home › blog › how to get an information security analyst job: interview questions, answers & advice (part two)
IT Security Analyst Job Interview Questions, Answers & Advice
April 30, 2024 - Seeking an information security analyst job? Red Canary's SOC hiring manager shares infosec interview questions, answers and advice.
Glassdoor
glassdoor.com › Interview › mdr-security-analyst-interview-questions-SRCH_KO0,20.htm
Mdr security analyst Interview Questions
Glassdoor - Free company interview questions and reviews for 2800830 companies. All posted anonymously by employees.
Startup Jobs
startup.jobs › interview questions › other engineering › information security officer
Information Security Officer Interview Questions
Answer Example: "I’d centralize logs from identity, endpoints, cloud control plane, and critical apps, starting with managed services (e.g., Security Hub, GuardDuty, EDR). I’d implement a few high-value detections (MFA bypass attempts, privilege escalations, anomalous data egress) and weekly review. As we grow, I’d evaluate a lightweight SIEM or managed MDR."
Reddit
reddit.com › r/cybersecurity › mdr analysts - day in the life
r/cybersecurity on Reddit: MDR analysts - Day in the Life
November 23, 2023 -
Couple of questions for my fellow frontliners.
Can you walk me through your day to day like with your current MDR?
Aside from analyzing and responding to alerts, do any of you get to engineer automations or do any implementation work for your customers?
Is the career growth potential high in your opinion?
Top answer 1 of 4
2
Our MDR service is more "white glove" than most. We do a lot of professional services for security engineering and helping configure customer infrastructure. We even do audits and risk assessments to find ways we can help them improve their internal security through best practices and all the normal security controls. Then of course we do all the normal T3 and T4 stuff like IR, REM, and forensics.
2 of 4
1
95% is working incoming cases for the clients. Depending on the size of the soc or mssp they’ll have engineers that do that automation and engineering of the tools so you won’t touch that much. You can also do some threat hunting when case queue isn’t busy. It’s a great learning job and if you pair that experience with some good certs or study engineering, grc, vuln mgmt, you can pivot into any area of security
Red Canary
redcanary.com › home › blog › 12 questions to ask before you buy mdr
12 questions to ask before you buy MDR | Red Canary
August 14, 2025 - Ultimately, the value of an MDR ... organizations struggling to manage complex security environments. But how do you know which provider is right for your organization? Our vendor-agnostic MDR Buyers’ Guide lists all of the questions you should ask while vetting MDR ...
Rapid7
rapid7.com › blog › post › 2016 › 09 › 29 › looking-for-a-managed-detection-response-provider-you-ll-need-these-38-evaluation-questions
38 Questions to Ask Your Next MDR Provider | Rapid7 Blog
July 25, 2024 - Don't worry. It can be done! To help you with your selection, our security experts put together a list of 38 vital questions you should ask each vendor during your search for the perfect partner.
Glassdoor
glassdoor.com › Interview › mdr-interview-questions-SRCH_KO0,3.htm
Mdr Interview Questions | Glassdoor
34 "mdr" interview questions. Learn about interview questions and interview process for 32 companies.
InfosecTrain
infosectrain.com › home › blog › soc scenario-based interview questions
SOC Scenario-Based Interview Questions
June 10, 2024 - By focusing on practical, real-world ... defend against cyber threats. ... 1. How can we triage alerts escalated from the SOC and differentiate false positives from genuine security threats?...
LinkedIn
linkedin.com › pulse › top-30-endpoint-security-interview-questions-answers-pawan-panwar-cn6qc
Top 30 Endpoint Security Interview Questions and Answers
We cannot provide a description for this page right now
Glassdoor
glassdoor.com › Interview › Rapid7-MDR-Specialist-Interview-Questions-EI_IE243542.0,6_KO7,21.htm
Rapid7 MDR Specialist Interview Questions
Glassdoor - Free company interview questions and reviews for 2800830 companies. All posted anonymously by employees.
KBDUMPS
kbdumps.com › home › 45+ endpoint detection and response interview questions
45+ Endpoint Detection And Response Interview Questions - KBDUMPS
May 13, 2025 - Divided into three levels—Beginner, Intermediate, and Advanced—these questions cover everything from core EDR functions and architecture to real-world threat hunting, detection engineering, and advanced incident response strategies. Perfect for SOC analysts, security engineers, and red/blue team members, this guide will arm you with the knowledge and confidence needed to excel in any cybersecurity interview.
Solutions Review
solutionsreview.com › home › 7 questions to ask mdr solutions providers in 2023
7 Questions to Ask MDR Solutions Providers in 2023
March 20, 2023 - This question aims to understand the level of access the MDR solutions provider requires to your organization’s network and systems. This will help you evaluate potential security risks and ensure that the provider’s access requirements align with your organization’s security policies.