Academic Projects Portfolio

Coursework from Master of Science in Cybersecurity and Information Assurance
Western Governors University, Utah

Introduction

This portfolio showcases cybersecurity projects I’ve completed as part of my academic journey and independent learning. The project featured below is my first major academic project from my Master’s program at Western Governors University. Additional academic projects and personal cybersecurity work are currently in progress and will be added to this portfolio as they are completed.

For video walkthroughs and demonstrations of my projects, visit my YouTube channel via the Blog page.

Project 1: Network Merger and Implementation Plan

Network Security Design
Course: Network Security Architecture | Status: Completed

Project Overview

This was my first comprehensive academic project in the Master of Science in Cybersecurity and Information Assurance program at Western Governors University. It demonstrates foundational skills in security architecture design, risk assessment, and regulatory compliance through a realistic business scenario.

Academic Context: This project was based on a hypothetical merger scenario designed to simulate real-world challenges cybersecurity professionals face when integrating organizations with different security requirements and compliance obligations.

Watch the project walkthrough video on myYouTube channel.

Case Study Scenario

Company A (Acquiring Entity):
A global financial institution based in the United States providing various financial products including checking accounts, bank cards, and investment products.

Company B (Acquired Entity):
A smaller specialized company offering software solutions to medical providers with credit card payment capabilities. Company B had no dedicated cybersecurity personnel and relied on third-party infrastructure support.

Academic Challenge:
Design a secure network architecture that integrates both organizations while addressing distinct security and compliance needs within a $50,000 first-year budget constraint.

Project Requirements

The assignment required me to:

✓ Integrate both companies’ networks seamlessly
✓ Implement zero trust security principles
✓ Incorporate both on-premises and cloud infrastructure
✓ Ensure compliance with financial, healthcare, and payment card industry regulations
✓ Utilize cloud-based security technologies for cost efficiency
✓ Stay within a realistic implementation budget of $50,000

My Methodology

Phase 1: Vulnerability & Risk Assessment

I began by conducting a comprehensive security assessment of both hypothetical networks:

Identified security vulnerabilities in each organization’s infrastructure
Assessed impact, risk, and likelihood using qualitative risk analysis
Examined infrastructure weaknesses including legacy systems and access control gaps
Analyzed existing security capabilities and identified tool redundancies
Documented compliance gaps across financial, healthcare, and PCI DSS requirements

Key Finding: Company B’s lack of dedicated security staff and reliance on third-party infrastructure created critical vulnerabilities requiring immediate remediation post-merger.

Phase 2: Network Architecture Design

Based on my assessment, I developed a comprehensive network topology incorporating industry security best practices:

Design Principles Applied:

Defense in Depth: Multiple layers of security controls to prevent single points of failure
Zero Trust Architecture: Continuous verification of all users and devices
Network Segmentation: Isolation of sensitive systems by business function and data classification
Least Privilege Access: Minimized permissions across all systems and user accounts
Enhanced Monitoring: Comprehensive visibility into network traffic and security events

Technical Implementation:

Mapped all network components to the OSI model and TCP/IP protocol stack
Designed VLAN segmentation separating financial data, healthcare systems, and general business networks
Integrated next-generation firewalls with deep packet inspection and intrusion prevention
Implemented cloud-based SIEM for centralized log management and threat detection
Strategically repurposed existing secure infrastructure to maximize budget efficiency

Phase 3: Regulatory Compliance Framework

One of the most challenging aspects was ensuring compliance with multiple regulatory frameworks:

Financial Sector Compliance (Company A):

SOX (Sarbanes-Oxley Act) for financial reporting integrity
GLBA (Gramm-Leach-Bliley Act) for customer financial information protection
Federal financial institution security examination standards

Healthcare Sector Compliance (Company B):

HIPAA Security Rule for Protected Health Information (PHI)
HITECH Act provisions for breach notification
State-level healthcare privacy regulations

Payment Processing Compliance (Both Companies):

PCI DSS (Payment Card Industry Data Security Standard)
Requirements for secure cardholder data storage and transmission
Quarterly vulnerability scanning and annual penetration testing

My Solution: I created a comprehensive compliance matrix mapping each security control to specific regulatory requirements, ensuring complete coverage without redundant implementations.

Phase 4: Threat Modeling & Risk Analysis

I conducted threat analysis specific to the merged organization’s risk profile:

Identified Threats:

Ransomware attacks targeting valuable financial and healthcare data
Insider threats from newly merged workforce with unclear access policies
Supply chain vulnerabilities through Company B’s third-party infrastructure providers
Credential-based attacks exploiting weak or shared passwords
Data exfiltration attempts targeting customer PII and PHI

Risk Mitigation Strategies:

Enterprise-wide multi-factor authentication (MFA) deployment
Role-based access control (RBAC) with regular access reviews
Comprehensive security awareness training for all employees
Vendor risk management program with security assessment requirements
Data loss prevention (DLP) controls for sensitive information
Incident response procedures with regulatory reporting workflows

Phase 5: Implementation Planning

My final deliverable included a phased, budget-conscious implementation roadmap:

Phase 1 (Months 1-3): Critical Security Foundation

Deploy next-generation firewalls and network segmentation
Implement identity and access management with MFA
Establish SIEM and security monitoring capabilities
Budget: $20,000

Phase 2 (Months 4-6): Compliance & Detection

Complete regulatory compliance implementations
Deploy endpoint detection and response (EDR) solutions
Establish secure backup and disaster recovery procedures
Budget: $15,000

Phase 3 (Months 7-12): Optimization & Validation

Launch security awareness training program
Conduct penetration testing and vulnerability assessments
Develop and enforce security policies and procedures
Budget: $15,000

Total First-Year Investment: $50,000

Recommended Technology Stack

Cloud-Based Services (Optimizing Costs):

SIEM: Splunk Cloud or Microsoft Sentinel for log aggregation and analysis
Endpoint Protection: Cloud-native EDR platform (evaluated CrowdStrike, SentinelOne alternatives)
Identity Management: Azure AD or Okta for centralized authentication
Backup & DR: Cloud-based backup solution for business continuity

On-Premises Components (Regulatory Requirements):

Firewalls: Next-generation firewalls for network perimeter defense
Network Infrastructure: Enterprise-grade switches and routers with VLAN support
Data Storage: On-premises file servers for most sensitive regulated data

Strategic Rationale: Hybrid approach leverages cloud economics for security services while maintaining on-premises control of highly sensitive data to satisfy regulatory auditors.

Cost-Benefit Analysis

I evaluated three implementation approaches:

Approach	Initial Investment	Annual Operating Cost	Advantages	Disadvantages
Fully On-Premises	$75,000+	$25,000+	Maximum control, simpler compliance	Exceeds budget, requires in-house expertise
Hybrid (Selected)	$50,000	$18,000	Balanced control & cost, scalable	Requires cloud security knowledge
Fully Cloud-Based	$30,000	$35,000+	Lower upfront cost, rapid deployment	Higher long-term costs, complex compliance

Final Recommendation: Hybrid architecture provided optimal balance of security effectiveness, regulatory compliance, and cost efficiency within the project constraints.

Key Deliverables Produced

As part of this academic project, I created:

Network Architecture Diagram – Comprehensive visual topology of integrated network
Vulnerability Assessment Report – Detailed analysis of security gaps and remediation priorities
Compliance Matrix – Mapping of 50+ security controls to specific regulatory requirements
Implementation Roadmap – 12-month phased deployment plan with milestones
Budget Allocation Document – Itemized cost breakdown with justifications
Threat Analysis Report – Risk assessment with likelihood and impact ratings
Security Policy Framework – Draft policies for the merged organization

See these deliverables in detail in my: YouTube project walkthrough.

Skills Demonstrated

This first major academic project allowed me to demonstrate competency in:

Security Architecture Design – Creating secure, scalable network infrastructure
Risk Management – Conducting vulnerability assessments and threat modeling
Multi-Framework Compliance – Applying HIPAA, PCI DSS, SOX, and GLBA requirements
Strategic Planning – Balancing security needs with business and budget constraints
Technical Documentation – Producing clear, comprehensive deliverables
Cost-Benefit Analysis – Optimizing security investments within financial limitations
Cloud Security Integration – Leveraging cloud services strategically

Key Learning Outcomes

This project taught me valuable lessons applicable to professional cybersecurity roles:

1. Thorough Assessment Enables Effective Architecture
You cannot design appropriate security without first understanding current vulnerabilities, business requirements, and regulatory obligations. Comprehensive assessment is not optional.

2. Compliance Cannot Be an Afterthought
Regulatory requirements must drive architectural decisions from day one. Attempting to retrofit compliance is both expensive and risky, especially across multiple frameworks.

3. Budget Constraints Require Strategic Thinking
Limited budgets demand creativity—repurposing existing secure resources, leveraging cloud economics, and ruthlessly prioritizing high-impact security controls.

4. Zero Trust Implementation Is Iterative
Zero trust architecture cannot be deployed overnight. It requires phased implementation, organizational culture change, and continuous refinement.

5. Clear Documentation Is Critical
Comprehensive documentation of security decisions, technical rationale, and implementation plans is essential for stakeholder approval, audit compliance, and operational success.

Real-World Relevance

While this was an academic exercise, the methodologies and skills are directly applicable to:

Merger & Acquisition Security – Organizations frequently face network integration challenges
Multi-Framework Compliance – Many companies must comply with multiple regulatory standards simultaneously
Security Architecture Roles – Fundamental skills for security architects and consultants
SMB Security Solutions – Small to medium businesses need cost-effective, compliant security

Personal Reflection

This was my first comprehensive security architecture project, and it challenged me to integrate knowledge from multiple domains—network security, compliance frameworks, risk management, and cloud security—into a cohesive solution.

What Surprised Me:
The complexity of balancing competing priorities. Every security decision had trade-offs: cost vs. security, compliance vs. usability, cloud vs. on-premises. Learning to make and justify these decisions was invaluable.

What I Would Do Differently:
If approaching this project again, I would place greater emphasis on change management and user adoption. Even the most technically sound security architecture fails if users cannot or will not follow secure practices.

Skills I’m Continuing to Develop:
This project sparked deeper interest in security architecture frameworks (TOGAF, SABSA), advanced compliance automation, and cloud security specialization.

Upcoming Projects

This is just the beginning of my academic and personal project portfolio. Currently in progress:

Western Governors University Academic Projects:

Penetration Testing Lab Assessment – Web application security testing and reporting
Incident Response Playbook Development – IR procedures for healthcare organization
Security Awareness Training Curriculum – Employee training program design
Cloud Security Implementation – AWS security architecture project

Independent Self-Study Projects:

Home SOC Lab Build – Security Onion and Wazuh SIEM deployment
Automated Vulnerability Scanner – Python-based security tool development
OWASP Top 10 Exploitation Lab – Hands-on web application security practice
Active Directory Attack & Defense – Enterprise security scenario simulation

Projects will be added to this portfolio as completed. Subscribe to my:YouTube channel via the Blog page (https://www.youtube.com/@funbird5860)for updates and video walkthroughs.

Video Content Available

For detailed walkthroughs, demonstrations, and technical deep-dives into my projects:

Visit my YouTube channel through the: Blog page

Video content includes:

Project overviews and architecture explanations
Technical demonstrations of security tools and techniques
Lessons learned and key takeaways
TryHackMe and Hack The Box walkthroughs
Cybersecurity tutorials and educational content

Academic Credentials

Master of Science, Cybersecurity and Information Assurance (In Progress)
Western Governors University, Utah

Relevant Completed Coursework:

Network Security Architecture
Security Compliance and Audit (In Progress)
Cloud Security (Upcoming)
Risk Management and Assessment (Upcoming)
Penetration Testing and Ethical Hacking (Upcoming)

Certifications Earned:

CompTIA Security+
ISC² Certified in Cybersecurity (CC)

Portfolio Purpose

This portfolio serves to demonstrate:

Academic Knowledge Application – Translating classroom learning into practical solutions
Technical Competency – Proficiency with security frameworks, tools, and methodologies
Professional Documentation Skills – Ability to produce clear, comprehensive deliverables
Problem-Solving Approach – Systematic thinking and strategic decision-making
Continuous Learning – Commitment to ongoing skill development

Target Audience: Hiring managers and recruiters evaluating candidates for entry-level cybersecurity positions.

Contact & Collaboration

I’m actively seeking entry-level cybersecurity opportunities where I can apply academic knowledge and hands-on skills to real-world security challenges.

Interested in discussing my projects or exploring opportunities?

Email: Completeness2025@protonmail.com
LinkedIn: https://www.linkedin.com/in/onyebuchi-iyase-6975a6350/
YouTube:https://www.youtube.com/@funbird5860 or FUNBIRD LLC

GitHub: https://github.com/royalpriest07
TryHackMe: https://tryhackme.com/p/funbird009
Location: Newark, NJ (Open to on-site, remote opportunities)

Legal Notice:
The projects displayed in this portfolio represent academic coursework completed as part of my Master of Science degree in Cybersecurity and Information Assurance at Western Governors University, as well as independent self-study projects. Academic projects are based on hypothetical case studies designed for educational purposes. This portfolio is intended for employer review as demonstration of technical competency and practical skill application. All Rights Reserved.

Status: Actively adding new projects – check back regularly or subscribe to my YouTube channel for updates @funbirdllc or @funbird5860

Onyebuchi Iyase

Tasks