Artifact: Standard Operating Procedures (SOPs) — IT Analyst

Description:
As an IT Analyst, I created and updated Standard Operating Procedures (SOPs) to document critical technical tasks, troubleshooting steps, and onboarding workflows for my team. These SOPs covered repeatable processes such as account provisioning, secure access management, common troubleshooting scenarios, and guidelines for escalation.

By developing clear, well-structured SOPs, I ensured that new team members and interns could quickly understand complex systems and follow best practices consistently. This also minimized downtime and errors, supporting both security and efficiency within our operations.

Reflection:
Writing SOPs strengthened both my leadership and problem-solving skills. Drafting these documents required me to analyze technical problems, break them down into logical, step-by-step instructions, and think through potential failure points. It also required me to communicate clearly for audiences with varying levels of technical expertise.

In my leadership role with new interns, these SOPs served as training materials, helping onboard new team members faster and more effectively. They also reduced repeat questions and helped build a knowledge-sharing culture on our team.

This experience shows that I am able to translate technical knowledge into actionable guidance for others — a skill I know will be valuable as I pursue roles like Security Analyst or SOC Team Lead.

Artifact : NIST Cybersecurity Framework Journal Entry — Practical Application

The NIST Cybersecurity Framework (CSF) offers organizations a structured approach to managing and mitigating cybersecurity risks. It helps in identifying and addressing vulnerabilities through a standardized set of best practices, which can improve overall resilience against cyber threats. The framework also aids in meeting regulatory compliance and provides a flexible, scalable method that can be adapted to various organizational sizes and needs. By using the CSF, organizations can ensure that their cybersecurity strategies are aligned with business objectives, effectively communicated, and continuously improved.

In a future workplace, the CSF can be applied by first assessing the current cybersecurity posture and identifying areas for improvement. Developing a strategy based on the framework’s core functions—Identify, Protect, Detect, Respond, and Recover—helps in setting priorities and implementing necessary controls. Continuous monitoring and regular reviews ensure that cybersecurity measures stay effective and relevant. Engaging stakeholders through standardized communication and incorporating the framework into training programs can further enhance the organization’s security culture and readiness.

Description:
This written piece demonstrates my understanding of the NIST Cybersecurity Framework (CSF) and how to apply it in a real-world organizational setting. The CSF is a widely used standard that provides structured guidance for identifying, managing, and reducing cybersecurity risks. My write-up explains how organizations can align their security posture with the framework’s five core functions: Identify, Protect, Detect, Respond, and Recover.

This artifact shows that I can break down complex frameworks and translate them into actionable strategies that align with business goals and regulatory requirements. It also illustrates my ability to communicate technical concepts clearly — a skill that is essential when engaging both technical teams and non-technical stakeholders.

Reflection:
Learning to use the NIST CSF strengthened my problem-solving and learning agility. I first encountered this framework during my CYSE courses, where I studied how to assess risks and implement controls in lab scenarios. I built on that knowledge by researching real-world applications of the CSF in diverse industries.

At work, I see how structured frameworks like this can guide the development of policies and procedures, including SOPs and training for new hires. This reflection shows I can take theoretical knowledge and adapt it to practical, everyday security operations. I also recognize the importance of continuous improvement and stakeholder communication — key factors in maintaining strong cybersecurity resilience in any organization.

Artifact: Journal Entry — Opportunities for Workplace Deviance

Cyber technology has indeed opened up new avenues for workplace deviance by giving employees more access to sensitive data, greater anonymity, and increased opportunities for bypassing traditional oversight. With the ability to manipulate systems, steal information, or misuse company resources without immediate detection, employees can exploit digital tools for personal gain or to engage in harmful behaviors like data theft, harassment, or time theft. The rise of remote work and digital communication has also made it harder for employers to maintain direct control, further increasing the likelihood of deviant actions. As a result, organizations must adapt by implementing stronger cybersecurity measures, monitoring systems, and clear digital usage policies to minimize these risks.

Description:
This journal entry explores how cyber technology can create new opportunities for workplace deviance, such as data theft, misuse of resources, and other harmful behaviors that may go unnoticed without proper oversight. It discusses how increased access to digital systems, remote work, and anonymity have made organizations more vulnerable to insider threats.

By reflecting on these risks, I demonstrated my understanding of the human factors that can undermine security controls. This awareness is critical for developing practical solutions that combine technical safeguards with clear policies, training, and monitoring systems to reduce risk.

Reflection:
This entry shows how I approach cybersecurity problems from multiple angles, not just the technical side. Thinking about workplace deviance made me realize how important it is to anticipate human behavior when designing security measures. In my work, I’ve seen how creating clear SOPs, implementing access controls, and fostering a culture of accountability can reduce opportunities for misuse.

By learning about the behavioral aspects of cybersecurity, I’m better prepared to build practical solutions that balance security and usability. This artifact demonstrates my growth as an interdisciplinary thinker who can connect theory to real-world policies that protect both data and people.