Ops 401: Cybersecurity Engineering



Ready to kickstart your exciting career in cyber security operations (SecOps)? In this intensive course, delve into critical topics like cyber frameworks, data encryption, cloud security, network security, threat modeling, shell scripting, vulnerability scanning, and incident response. Gain valuable ethical hacker skills in penetration testing, and show off your awesome new abilities in two resume-enhancing projects!

Designed to prepare you for today’s most in-demand security skills, this hands-on course emphasizes practical SecOps. Students will gain cutting-edge skills by analyzing systems vulnerabilities, implementing defenses against common threats, and using industry-relevant tooling.

This course includes a career coaching curriculum to get you ready for your job search, plus job search assistance after graduation. The course totals 400 hours, including lectures, lab, coworking, and collaborative projects.

The first half of the course consists of five modules focusing on:

  • Module 1 Governance, Risk, and Compliance (GRC)
  • Module 2 Data Security
  • Module 3 Security Operations 1
  • Module 4 Cloud Security
  • Module 5 Midterm Project

The second half of the course consists of five modules focusing on:

  • Module 6 Threat Modeling and Analysis
  • Module 7 Security Operations 2
  • Module 8 AppSec and Vulnerability Analysis
  • Module 9 Penetration Testing
  • Module 10 Final Project

Certification Alignment

This course will substantially prepare you for achieving the learning objectives of CompTIA Security+ certification. This course covers significant aspects of all six domains required for Security+.

  • 1.0 Threats, Attacks, and Vulnerabilities
  • 2.0 Technologies and Tools
  • 3.0 Architecture and Design
  • 4.0 Identity and Access Management
  • 5.0 Risk management
  • 6.0 Cryptography and PKI

Students are strongly encouraged to register for the CompTIA Security+ during course prework, and take the exam during the final module.


At the end of this course, you will be able to land an entry-level Cybersecurity Analyst or Operations Technician role with skills to:

  • Assess risk using quantitative or qualitative methods
  • Document risk mitigations and perform security compliance audits
  • Take a security project all the way from conceptual requirements to technical implementation
  • Apply modern cryptographic principles to protect data at rest and in transit
  • Use data loss prevention (DLP) tools
  • Perform threat analysis and threat modeling using various tools such as STRIDE, cyber kill-chain, and MITRE ATT&CK
  • Explore web application security
  • Administer anti-malware systems and various security tools
  • Analyze IT systems security with vulnerability scanning
  • Perform penetration testing
  • Configure an intrusion detection/prevention system (IDS/IPS)
  • Performing incident response operations and SIEM event monitoring
  • Deploy configure, and query a SIEM
  • Oversee cloud security efforts using AWS native tooling


  • Required: Familiarity with algebra concepts
  • Ops 301: Networking and Systems Administration
    • Students with previous experience can test out of this requirement in their application. If you'd like to test straight into this course, please make sure you have experience with all of the topics covered in the Ops 201 and Ops 301 courses.


Once you are accepted into the course, please complete the Ops 401 Prework.


Governance, Risk, and Compliance (GRC)

  • Cybersecurity frameworks (e.g. SOC2)
  • CIA triad
  • Systems hardening
  • Risk analysis, assessment, and reporting
  • Security compliance and auditing

Data Security

  • Data classification
  • Data loss prevention (DLP)
  • Data privacy concepts and regulation (GDPR, CCPA)
  • Encryption standards
  • Password security
  • Protecting data at rest and in transit
  • Public Key Infrastructure (PKI)

SecOps Foundations

  • Threat detection with IDS, SIEM
  • Incident response lifecycle
  • Indicators of compromise (IOC)
  • SIEM deployment and operation
  • SIEM log and event analysis
  • SIEM troubleshooting, data ingestion, query writing
  • Threat hunting techniques

Cloud Security

  • Cloud identity and access management
  • Cloud security in AWS
  • Data loss prevention (DLP)
  • Intrusion detection & prevention systems (IDS/IPS, Snort)
  • Network traffic analysis
  • Virtual private cloud (VPC)
  • AWS native tooling (e.g. AWS CloudTrail)

Threat Modeling and Analysis

  • Tactics, techniques, and procedures (TTPs)
  • Cyber Kill-Chain
  • Threat Modeling
  • Data flow diagrams

SecOps: Threat Hunting

  • Malware detection with YARA rules, VirusTotal API
  • Malware traffic analysis
  • Forensic investigation
  • Threat hunting with Zeek, RITA

AppSec and Vulnerability Analysis

  • Web app scanning and exploitation with Burp Suite, w3af, OWASP ZAP
  • Vulnerability scanning tools, e.g. Nessus
  • Network and application vulnerability scans and assessments
  • Scanner output handling, false positives, prioritization
  • Vulnerability risk rating
  • Vulnerability types and concepts

Penetration Testing

  • Enumeration
  • Exploitation
  • Impact analysis
  • Investigation and intelligence collection
  • Legal considerations in pentest scoping
  • Nmap, metasploit, datasploit
  • Penetration test lifecycle
  • Planning
  • Scoping
  • Target profiling and evaluation

Career Transition Services

Changing careers is about more than learning a new skill. In tandem with your education, you will receive powerful career-building strategic training so you can confidently start your job search as soon as (or even before!) you graduate.

Our Career Transition Services provide training, mentoring, leadership, and introductions to industry partners to help you become a more well-rounded professional and a leader in your field. These services, which start in Ops 201 and continue after Ops 401 graduation, involve a series of events, workshops, and assignments that help you think holistically about your new career and take actionable steps towards success.

Learn More

Material Requirements

For all Ops courses beyond 101, you must attend class on the first day with:

  • A recent-model laptop (or desktop) computer:
    • Running a 64-bit Operating System: either macOS, Linux, or Windows Pro
    • Fully up to date, with the latest version of the operating system and all security updates installed
    • At least 60GB of free space on the hard drive
    • At least 16GB of RAM (or 8GB Unified Memory). 32GB RAM strongly preferred
    • Free of viruses, Zoom-ready (reliable webcam and microphone), and in general working order
  • A reliable high-speed internet connection.
  • An Ops Lab Kit (see below), which contains tools of an IT pro, and a PC to use for labs (where you can uninstall/reinstall the operating system repeatedly).
  • Sybex CompTIA Security+ Study Guide (includes access to online practice exams).

Computer Requirements

You are required to supply your own desktop or laptop computer (not a Chromebook) with adequate system specs to run Zoom, Slack, Remo, and Microsoft Visual Studio Code. This computer will be used to remotely access the Lab Kit PC, which will perform the majority of the resource-intensive virtual machine hosting during the class. You are also responsible for maintaining a reliable source of high-speed internet connectivity for attending lecture time and occasionally presenting via Zoom.

Ops Lab Kit

By the first day of class, you will need to have received ALL items from the Ops Lab Kit Amazon Shopping List as specified by Code Fellows. This means you are responsible for purchasing everything in the Ops Lab Kit list and ensuring it will be delivered to you before class starts.

If your funding source provides required materials, talk to your Admissions Advisor about ensuring a timely delivery.

Your Ops Lab Kit contains primarily:

  • A desktop tower PC computer intended for lab and data overwrite
  • Compatible peripherals
  • Two 32GB USB flash drives
  • Sysadmin toolkits
  • Cat5e networking supplies
  • A wireless router for home network isolation

Each kit costs approximately $400, and will be reused in every Ops course (you don't need to buy more hardware for later courses), in your job search, and beyond.

Stacked Modules

Concepts in each of our courses are taught using stacked modules, where a new concept is introduced in each class session, building upon what came before it. This is a challenging style that requires persistence, practice, and collaboration, but allows more concepts to be introduced over the length of the course. This method helps students learn and retain more information in a short period of time. Learn more about stacked modules »

Homework Policy

In order to pass the class, students must attain at least 90% of available points.


Punctuality, participation in discussions, completion of assignments, and demonstration of professional courtesy to others are required, in accordance with our Code of Conduct. Attendance will be taken at the beginning of every class. Passing requires at least 90% attendance. Students should always contact the instructors ahead of time if they are unable to attend all or part of the published class/lab hours.

Apply Now