Dec-Mar-26

Duration: 16 weeks

Hours: 8 hours/week (≈128 hrs total)

Format: 4 hrs lecture + 4 hrs lab each week

Goal: Students finish with hands-on projects, a portfolio, and interview readiness.

Week 1 – Foundations & Career Orientation

• Intro to cybersecurity careers (roles, 2025 job trends, pathways)
• Networking & OS refresher (TCP/IP, DNS, Windows/Linux basics)
• Lab: Build virtual lab (VMware/VirtualBox, Kali, Windows Server, Splunk trial)
• Assignment: Create LinkedIn + baseline resume

Week 2 – Cybersecurity Frameworks & Policies

• Security frameworks (NIST CSF, ISO 27001, CIS Controls)
• Cybersecurity policies (AUP, password, incident response)
• Lab: Write a simple security policy for a mock company

Week 3 – Cloud Security Fundamentals

• Cloud security basics (AWS, Azure, GCP)
• Shared responsibility model, IAM roles, policies
• Lab: Create AWS/Azure free-tier → secure S3 bucket / storage account

Week 4 – Cloud Security Hands-On

• Cloud logging & monitoring (CloudTrail, GuardDuty, Azure Sentinel)
• Lab: Deploy vulnerable app → fix misconfigurations with WAF, IAM, logging
• Project kickoff: “Secure My First Cloud App”

Week 5 – Identity & Access Management (IAM)

• AuthN vs AuthZ, SSO, MFA, Conditional Access
• Privileged Access Management (Okta, CyberArk, Azure AD)
• Lab: Azure AD → enable MFA + Conditional Access; Okta free developer SSO setup

Week 6 – Governance, Risk & Compliance (GRC)

• Regulations (GDPR, HIPAA, PCI DSS, SOC 2)
• Risk assessments, vendor management
• Lab: Build compliance checklist in Excel
• Assignment: Draft risk assessment for a fictional company

Week 7 – Threat Hunting & SIEM Fundamentals

• Security monitoring, logs, SIEM/XDR basics
• Lab: Install Splunk/Elastic → ingest Windows/Linux logs
• Detection basics (failed logins, privilege escalation)

Week 8 – Incident Response

• Incident Response lifecycle (Preparation → Recovery)
• Lab: Simulate ransomware attack with Atomic Red Team → investigate in Splunk
• Project: Write an IR report for the attack

Week 9 – Application Security (AppSec)

• Web application security (OWASP Top 10)
• Secure coding basics
• Lab: Exploit DVWA/Juice Shop → patch vulnerabilities

Week 10 – DevSecOps & CI/CD Security

• Shifting left: security in pipelines
• Tools: Snyk, GitHub Dependabot, static/dynamic testing
• Lab: Add security scanning to a GitHub Actions pipeline

Week 12 – AI in Cybersecurity

• AI use cases: SOC automation, anomaly detection
• AI risks: adversarial ML, prompt injection
• Lab: Python anomaly detection script on logs
• Lab 2: Use OpenAI API to auto-explain SIEM alerts

Week 13 – Career Preparation I (Portfolio Building)

• Resume & cover letter workshop
• Building GitHub portfolio (projects, labs, scripts)
• LinkedIn branding for cybersecurity jobs

Week 14 – Career Preparation II (Interview Skills)

• Technical interview prep (SIEM queries, cloud security, IR scenarios)
• HR interview prep (STAR method, “tell me about a time” stories)
• Mock interviews in class

Week 15 – Capstone Project Work

• Students select specialization: Cloud, IAM, GRC, IR, or AppSec
• Build final project + write report
• Instructor 1-on-1 project guidance

Week 16 – Capstone Presentations & Demo Day

• Students present projects (15 mins each)
• Peer & instructor feedback
• Final resume + portfolio submission
• Program wrap-up & job search roadmap

Outcomes by Week 16

 Each student leaves with:

• Portfolio (at least 3 projects: Cloud app, IR report, AppSec/DevSecOps pipeline)
• Capstone project (specialization-focused, polished for recruiters)
• Resume + LinkedIn optimized for cybersecurity jobs
• Mock interview experience