Apply computing fundamentals
Apply discrete math, programming, data structures, operating systems, and networking to cybersecurity problems.

Analyze risk and threats
Perform asset identification, threat modeling, vulnerability assessment, and risk analysis to prioritize controls.

Design and implement secure solutions
Design, configure, and implement security architectures and controls (e.g., IAM, network segmentation, cloud controls) that meet specified requirements.

Develop secure software
Apply secure coding practices, code review, and static/dynamic analysis to prevent common weaknesses (e.g., OWASP Top 10, memory safety issues).

Use cryptography appropriately
Select and correctly integrate cryptographic primitives and protocols for confidentiality, integrity, authentication, and non-repudiation.

Detect and respond to incidents
Collect and analyze logs/telemetry, build detection rules, and execute incident response playbooks, including containment, eradication, recovery, and post-incident review.

Conduct forensic investigations
Acquire, preserve, and analyze digital evidence in accordance with legal and ethical standards; produce defensible reports.

Evaluate security of systems
Plan and perform security testing (configuration reviews, vulnerability scanning, red/blue-team exercises) and communicate findings with remediation plans.

Interpret policy, law, and ethics
Explain and apply relevant regulations and standards (e.g., HIPAA, FERPA, PCI DSS, NIST/ISO), and assess ethical implications and societal impact of security decisions.

Communicate and collaborate effectively
Produce clear technical documentation and present findings to both technical and non-technical audiences while contributing effectively on multidisciplinary teams.

Professional readiness
Demonstrate habits of lifelong learning (e.g., certification prep, threat intel tracking), professionalism, and inclusive practices in diverse workplaces.

Experimentation and data-driven decisions
Design experiments, analyze results (including false positives/negatives), and use evidence to select and tune security controls.

Solid CS foundation — Programming (Python/Java), data structures, operating systems, networks, databases.

Cyber core — Security architecture, network & cloud security, identity & access management, risk management, cryptography, secure software development.

Hands-on labs every term — Virtualized and cloud sandboxes, red/blue-team exercises, capture-the-flag challenges, SIEM/log analysis.

Cloud & DevSecOps — Infrastructure as code, container security, CI/CD pipelines, cloud controls (AWS/Azure/GCP) with policy-as-code.

Incident response & forensics — Playbooks, threat hunting, evidence acquisition, chain of custody, report writing.

AI/data security — Threat modeling for AI systems, privacy engineering, secure ML pipelines, data governance.

Policy, law & ethics — HIPAA/FERPA/PCI DSS, NIST/ISO frameworks, governance/risk/compliance, ethics of offensive/defensive security.

Elective tracks (choose your lane) — Penetration testing, Cloud security, Digital forensics, Secure software/DevSecOps, Governance & compliance.

Industry-aligned certifications baked in — Prep woven into courses (e.g., CompTIA Security+, CySA+, Network+, AWS Cloud Practitioner, Certified in Cybersecurity (ISC)²).

Project-based learning — Real clients or community partners; build tools, dashboards, or security assessments for a living portfolio.

Capstone clinic — Two-semester team project: design, implement, and defend a secure solution end-to-end.

Internships & co-ops — Placement support with local hospitals, nonprofits, startups, and enterprise IT/security teams.

Cross-disciplinary options — Pair with minors in Business Analytics, Criminal Justice, Health Informatics, or Mathematics.

Flexible delivery — In-person, hybrid, and fully online course options; evening offerings for working students.

Career readiness — Resume/interview workshops, mock incident drills, ethics & professionalism, alumni networking.

Security operations & defense

Security Operations Center (SOC) Analyst (T1/T2)

Threat hunter / Detection engineer

Incident responder / Digital forensics analyst

SIEM engineer / Log analyst

Architecture, engineering & cloud

Security engineer / Security architect (network, endpoint, cloud)

Cloud security engineer (AWS/Azure/GCP)

Identity & Access Management (IAM) engineer

DevSecOps / Application security engineer

Testing & assurance

Vulnerability management analyst

Penetration tester / Red teamer

Security tester / Purple team specialist

Security auditor (technical controls)

Governance, risk & compliance (GRC)

Risk analyst / Third-party risk analyst

Compliance analyst (NIST, ISO 27001, HIPAA, PCI DSS)

Privacy analyst / Data protection specialist

Business continuity & disaster recovery (BC/DR) analyst

Software, data & AI security

Secure software developer

Product security engineer

Data/AI security specialist (model hardening, secure ML pipelines)

Privacy engineering analyst

Management / strategy (after a few years’ experience)

Security program manager

Security team lead / SOC manager

Information Security Officer / vCISO (later-stage role)

Sectors that hire

Healthcare systems and hospitals; finance/fintech; government and defense; education; tech and SaaS; retail and e-commerce; utilities/critical infrastructure; nonprofits.

Early-career job titles you’ll search for

“Information Security Analyst,” “SOC Analyst,” “Cybersecurity Analyst,” “IT Security Specialist,” “GRC Analyst,” “Vulnerability Analyst,” “Junior Penetration Tester,” “Cloud Security Associate.”

Helpful certifications (pick a few aligned to your track)

Entry/core: CompTIA Security+, (ISC)² Certified in Cybersecurity (CC), Network+

Blue team/ops: CySA+, Microsoft SC-200, Splunk/CoreSIEM certs

Pen testing: eJPT, PNPT, OSCP (advanced)

Cloud: AWS CCP/Security Specialty, Azure SC-900/SC-200/SC-100, GCP Associate Cloud Engineer

GRC/Privacy: ISO 27001 Lead Implementer (junior roles), IAPP/Certified Information Privacy Technologist (CIPT)