───✱*.。:。✱*.:。✧*.。✰*.:。✧*.。:。*.。✱ ───
My Role & Technical Contributions
Throughout this project, my role was the communications coordinator. This role was focused on ensuring consistency across the team’s deliverables. Although our team didn’t stay strictly within our roles, I was able to help coordinate our team. My primary responsibility was to translate the technical findings into a structured communication that aligned with the expectations within the project. I helped organize complex security concepts into formats so our team can more easily access them, and I ensured that our sections were somewhat consistent, and I helped support the integration of the project phases into a cohesive report.
I also contributed significantly to multiple sections across all three phases of the project. In phase 1, I worked on the organization analysis, where I examined the company’s business operations, technical infrastructure, assets, and existing security controls. This required analysis on how their systems interacted, identification of critical assets, and an understanding of the organization’s exposure to threats. I focused on mapping out the organization’s environment that would help support later risk assessment and architecture design decisions.
In phase 2, my contributions were more technical and visualization-focused. I developed several architecture diagrams, including:
- Current vs Target Architecture comparisons
- A Defense-in-Depth layered security model
- A Business Email Compromise attack flow
- An Incident Response workflow
- A NIST Cybersecurity Framework control coverage mapping
These diagrams were critical in translating abstract security principles into concrete system representations. For example, the defense-in-depth model illustrated how multiple layers of security controls, identity, network, endpoint, and monitoring, work together to mitigate threats. Similarly, the BEC attack flow diagram helped contextualize how an attacker could exploit weaknesses in email authentication and user behavior, which directly informed our recommendations.
I also contributed to parts of the Implementation Roadmap, specifically focusing on Phase 3 of the timeline, resource allocation across phases, and identifying dependencies and prerequisites. This required thinking beyond technical design and considering real-world constraints such as sequencing, team capacity, and implementation feasibility. I ensured that proposed solutions were not only technically sound but also realistically deployable within an organizational context.
In Phase 3, I was responsible for the Stakeholder Communication & Change Management section. This involved outlining how security improvements would be communicated across different stakeholder groups, including executives, IT teams, and end users. I focused on strategies to reduce resistance to change, improve adoption of new controls, and ensure that security initiatives aligned with business objectives. This included defining communication channels, training approaches, and feedback loops to support long-term success.
Additionally, I authored Section 3: AI & Tool Usage in the Team Collaboration Document. In this section, I documented how our team leveraged AI tools to support research, drafting, and editing. I emphasized responsible usage, including verification of outputs, maintaining academic integrity, and using AI as a productivity tool rather than a replacement for original work.
Across all of my contributions, I consistently applied key course concepts such as risk assessment, defense-in-depth, incident response planning, and the NIST Cybersecurity Framework. For example, when designing the target architecture, I aligned security controls with NIST CSF categories (Identify, Protect, Detect, Respond, Recover) to ensure comprehensive coverage. Similarly, my work on the BEC attack flow incorporated threat modeling concepts to illustrate how vulnerabilities could be exploited in real-world scenarios.
Overall, my role combined technical analysis, visual communication, and strategic planning. I contributed both foundational analysis and higher-level consulting recommendations, ensuring that our final deliverables were not only technically accurate but also professionally structured and actionable.
Collaboration & Challenges
Our team maintained consistent collaboration throughout the project by holding weekly meetings, where we worked through deliverables, aligned on expectations, and discussed any challenges we encountered. These meetings were essential for maintaining progress across multiple phases and ensuring that each team member stayed on track. In addition to synchronous meetings, we used a Discord group chat for asynchronous communication. This allowed us to quickly ask questions, share updates, and coordinate smaller decisions without waiting for the next meeting
One of the primary challenges we faced was coordinating work across multiple large deliverables, each with different levels of technical depth. Because the project spanned several phases, maintaining consistency between earlier analysis and later recommendations required careful attention. For example, the organization analysis in Phase 1 needed to align with the risk assessments and architecture designs in Phase 2. To address this, we regularly reviewed each other’s work and made adjustments to ensure continuity across sections.
Another challenge was balancing technical complexity with clarity. Some sections, particularly architecture diagrams and security frameworks, could easily become overly detailed or difficult to understand. In my role, I worked to simplify and structure these elements so they remained both technically accurate and accessible to a broader audience. This often involved iterating on diagrams and refining explanations based on team feedback.
Through this experience, I learned the importance of clear communication and accountability in a team setting, especially in a consulting-style project. Each team member was responsible for specific sections, but the final product required a high level of integration. I also gained insight into how professional teams manage large projects by combining structured meetings with flexible, ongoing communication.
Professional Development
This project helped me develop several key skills, including technical communication, system-level thinking, and the ability to translate complex concepts into clear deliverables. Creating architecture diagrams and writing stakeholder-focused content improved my ability to present technical information in a structured and professional way.
I also gained a better understanding of cybersecurity consulting as a field, particularly how organizations assess risk, design security architectures, and implement changes over time. While I do not plan to pursue a career specifically in cybersecurity, this experience showed me how integral security is to all areas of software and systems development.
Overall, the project reinforced the importance of building systems with security in mind and gave me valuable exposure to how real-world organizations approach these challenges.
───✱*.。:。✱*.:。✧*.。✰*.:。✧*.。:。*.。✱ ───