If you're applying for a security job, learn as much about the job before you show up. Find out what OSes and applications the company runs (no, don't pen test and enumerate their computers without permission) and what security tools are preferred. Be prepared for any security-related question. Practice ahead of time. Research security problems and malware related to the involved platforms. Lastly, when asked a question you should know, don't get caught with a deer-in-the-headlights look; rather, have your answers ready to go. Come up with a few good general responses that will work well against any general security question, but don't make them so vague that the interviewer knows you're being evasive.
Also, don't dog your former employer. The same goes for criticizing any product or platform until you know how your interviewer feels about it. Insulting the interviewer's favorite technologies won't earn you any extra points.
Another tip: Don't brag about your black-hat, illegal exploits until you find out whether your intended employer is into hiring malicious hackers. (Most aren't.) Lastly, if the hiring manager tells you the company is going to do a routine legal background check as a part of the employment process, don't ask if it will be state or federal. If you do, it will probably be both.
Ultimately, the candidates we both hired were the most subject-knowledgeable of the bunch. You could tell they were well read, both in terms of favorite Web sites and security books. Mostly, the successful candidates were enthusiastic about the subject. That came through. They weren't just looking for a job; they were looking for a career, with specific goals and contributions in mind.
My last piece of advice: If you're having a hard time winning a job after repeated interviews, maybe it's time to seek professional interview advice or conduct fake interviews with a friend who is honest enough to tell you the truth.