Ops 401: Cybersecurity Engineering

Overview

Ready to kickstart your exciting career in cyber security operations (SecOps)? In this intensive course, delve into critical topics like cyber frameworks, data encryption, cloud security, network security, threat modeling, shell scripting, vulnerability scanning, and incident response. Gain valuable ethical hacker skills in penetration testing, and show off your awesome new abilities in two resume-enhancing projects!

Designed to prepare you for today’s most in-demand security skills, this hands-on course emphasizes practical SecOps. Students will gain cutting-edge skills by analyzing systems vulnerabilities, implementing defenses against common threats, and using industry-relevant tooling.

This course includes a career coaching curriculum to get you ready for your job search, plus job search assistance after graduation. The course totals 400 hours, including lectures, lab, coworking, and collaborative projects.

The first half of the course consists of five modules focusing on:

  • Module 1 Governance, Risk, and Compliance (GRC)
  • Module 2 Data Security
  • Module 3 Security Operations 1
  • Module 4 Cloud Security
  • Module 5 Midterm Project

The second half of the course consists of five modules focusing on:

  • Module 6 Threat Modeling and Analysis
  • Module 7 Security Operations 2
  • Module 8 AppSec and Vulnerability Analysis
  • Module 9 Penetration Testing
  • Module 10 Final Project

Certification Alignment

This course will substantially prepare you for achieving the learning objectives of CompTIA Security+ certification. This course covers significant aspects of all six domains required for Security+.

  • 1.0 Threats, Attacks, and Vulnerabilities
  • 2.0 Technologies and Tools
  • 3.0 Architecture and Design
  • 4.0 Identity and Access Management
  • 5.0 Risk Management
  • 6.0 Cryptography and PKI

Students are strongly encouraged to register for the CompTIA Security+ exam during course prework and take the exam during the final module.

Outcomes

At the end of this course, you will be able to land an entry-level Cybersecurity Analyst or Operations Technician role with skills to:

  • Use AI-based tools to accelerate learning and problem-solving
  • Assess risk using quantitative or qualitative methods
  • Document risk mitigations and perform security compliance audits
  • Take a security project all the way from conceptual requirements to technical implementation
  • Apply modern cryptographic principles to protect data at rest and in transit
  • Use data loss prevention (DLP) tools
  • Perform threat analysis and threat modeling using various tools such as STRIDE, cyber kill-chain, and MITRE ATT&CK
  • Explore web application security
  • Administer anti-malware systems and various security tools
  • Analyze IT systems security with vulnerability scanning
  • Perform penetration testing
  • Configure an intrusion detection/prevention system (IDS/IPS)
  • Perform incident response operations and SIEM event monitoring
  • Deploy, configure, and query a SIEM
  • Oversee cloud security efforts using AWS native tooling

Prerequisites

  • Required: Familiarity with algebra concepts
  • Ops 301: Networking and Systems Administration
    • Students with previous experience can test out of this requirement in their application. If you'd like to test straight into this course, please make sure you have experience with all of the topics covered in the Ops 201 and Ops 301 courses.

Prework

Once you are accepted into the course, please complete the Ops 401 Prework.

Topics

Cybersecurity engineering with AI tools

Governance, Risk, and Compliance (GRC)

  • Cybersecurity frameworks (e.g. SOC2)
  • CIA triad
  • Systems hardening
  • Risk analysis, assessment, and reporting
  • Security compliance and auditing

Data Security

  • Data classification
  • Data loss prevention (DLP)
  • Data privacy concepts and regulation (GDPR, CCPA)
  • Encryption standards
  • Password security
  • Protecting data at rest and in transit
  • Public Key Infrastructure (PKI)
  • SSL/TLS

SecOps Foundations

  • Threat detection with IDS, SIEM
  • Incident response lifecycle
  • Indicators of compromise (IOC)
  • SIEM deployment and operation
  • SIEM log and event analysis
  • SIEM troubleshooting, data ingestion, query writing
  • Threat hunting techniques

Cloud Security

  • Cloud identity and access management
  • Cloud security in AWS
  • Data loss prevention (DLP)
  • Intrusion detection & prevention systems (IDS/IPS, Snort)
  • Network traffic analysis
  • Virtual private cloud (VPC)
  • AWS native tooling (e.g. AWS CloudTrail)

Threat Modeling and Analysis

  • Tactics, techniques, and procedures (TTPs)
  • Cyber Kill-Chain
  • MITRE ATT&CK
  • OWASP
  • STRIDE
  • Threat Modeling
  • Data flow diagrams

SecOps: Threat Hunting

  • Malware detection with YARA rules, VirusTotal API
  • Malware traffic analysis
  • Forensic investigation
  • Threat hunting with Zeek, RITA

AppSec and Vulnerability Analysis

  • Web app scanning and exploitation with Burp Suite, w3af, OWASP ZAP
  • CVE, CVSS
  • Vulnerability scanning tools, e.g. Nessus
  • Network and application vulnerability scans and assessments
  • Scanner output handling, false positives, prioritization
  • Vulnerability risk rating
  • Vulnerability types and concepts

Penetration Testing

  • Enumeration
  • Exploitation
  • Impact analysis
  • Investigation and intelligence collection
  • Legal considerations in pentest scoping
  • Nmap, Metasploit, DataSploit
  • OSINT
  • Penetration test lifecycle
  • Planning
  • Scoping
  • Target profiling and evaluation

Career Transition Services

Changing careers is about more than learning a new skill. In tandem with your education, you will receive powerful career-building strategic training so you can confidently start your job search as soon as (or even before!) you graduate.

Our Career Transition Services provide training, mentoring, leadership, and introductions to industry partners to help you become a more well-rounded professional and a leader in your field. These services, which start in Ops 201 and continue after Ops 401 graduation, involve a series of events, workshops, and assignments that help you think holistically about your new career and take actionable steps towards success.

Material Requirements

Textbook Requirements

You can find a list of all required textbooks for our Ops and Cybersecurity Program here.

Computer Requirements

Prior to the first day of class, you will need a computer that meets the requirements detailed here in our FAQ.

Ops Lab Kit Requirements

You will also need to purchase an Ops Lab Kit, which will be reused in every Ops course. You won't need to buy any more hardware for later courses, in your job search, or beyond.

Stacked Modules

Concepts in each of our courses are taught using stacked modules, where a new concept is introduced in each class session, building upon what came before it. This is a challenging style that requires persistence, practice, and collaboration, but allows more concepts to be introduced over the length of the course. This method helps students learn and retain more information in a short period of time.

Homework Policy

In order to pass the class, students must attain at least 90% of available points.

Professionalism

Punctuality, participation in discussions, completion of assignments, and demonstration of professional courtesy to others are required, in accordance with our Code of Conduct. Attendance will be taken at the beginning of every class. Passing requires at least 90% attendance. Students should always contact the instructors ahead of time if they are unable to attend all or part of the published class/lab hours.


