Summary
Overview
Work History
Education
Skills
Clearance
Certifications Education
Core Competencies
Timeline
Generic

Curtis Hale

North Charleston,SC

Summary

Dedicated IS Security Specialist leveraging military experience to enhance cybersecurity frameworks. Successfully maintained ATO compliance for critical systems and led comprehensive security assessments, resulting in improved risk management and vulnerability remediation. Proven ability to drive strategic cybersecurity initiatives that support organizational integrity.

Overview

20
20
years of professional experience

Work History

IS Security Specialist

Booz Allen Hamilton Holding Corporation
North Charleston
09.2022 - Current
  • Managed multiple systems, maintained ATO compliance, and enhanced security posture for three systems supporting Veterans Appeals and claims.
  • Managed GRC processes, including SSP, POA&Ms, threat assessment models, and security assessment reports.
  • Managed system documentation and requirements, including System Security Plan (SSP), Plan of Action and Milestones (POA&Ms), Threat Assessment Models, Security Assessment Reports, Quarterly User reviews, and vulnerability management.
  • Acted as subject matter expert for SAVD control assessments.
  • Acted as primary SME for SAVD control assessment, conducting post-assessment control review to ensure systems returned to compliance.
  • Migrated current ATO's from eMASS to SNOW CAM (Service Now Continuous Authorization Management)
  • Completed quarterly reviews of multiple application systems in VA GRC tools (Enterprise Mission Assurance Support Service (eMASS), Service Now Continuous Authorization Management (SNOW CAM)).
  • Supported annual system scans: Penetration Testing (PenTest), Database Scanning, Web Application Security Assessment (WASA).

Cyber Security Auditor

U.S. Army Cyber Protection Brigade
12.2017 - 09.2022
  • Expertly performed over 100 cyber security assessments of organizations worldwide ensuring systems were secured in accordance with DISA Security Technical Implementation Guides (STIGs).
  • Conducts cyber security audits of Network Infrastructure Devices, IDS/IPS, Firewall, VVoIP/VTC Systems for the Department of Defense (DoD) in accordance with standards published by the Defense Information Systems Agency (DISA).
  • Identified inaccuracies in DISA's Infrastructure STIG and provided remediation recommendations for accurate SQL audits across DoD.
  • Wrote executive summaries of assessed organizations’ cyber security posture, highlighting vulnerabilities and presenting findings to senior leadership.
  • Developed training environment within budget constraints, certifying 3 auditors and providing continued education for 6 auditors.

Senior Information Technician

U.S. Army 4th Combat Aviation Brigade
06.2014 - 12.2017
  • Developed and Administered Information Assurance Programs to improve system security and compliance for over 700 users.
  • Managed team of 6 to provide information assurance, support, and training for over 700 users and 200 systems.
  • Administered account management and privileges for 700 users using Active Directory.
  • Ensured that Classified and Unclassified systems are within compliance with Information Assurance Vulnerability Assessments (IAVMs).
  • Authorized and issued Classified Network access tokens in accordance to Department of Defense requirements.
  • Monitored compliance with annual training requirements for all users in Army Training and Certification Tracking System (ATCTS).

Systems Administrator

U.S. Army 404 Aviation Support Battalion
06.2012 - 06.2014
  • Led and trained team of 4 technicians to manage complex challenges within the supported network.
  • Verified patching and troubleshot system software, hardware, and networking issues to maintain operational integrity.
  • Administered networking and VVoIP systems and equipment throughout Brigade, supporting over 5000 Soldiers and ensuring readiness for sustainment operations.

Nodal Network Systems Operator/Maintainer

U.S. Army 589th Signal Company
10.2010 - 06.2012
  • Deployed, troubleshot, and maintained vital networking and communications systems for the Brigade as part of a 16-person team.
  • Configured secure tunneling, VLAN, and VVoIP for multiple networking infrastructure devices to enhance communication reliability.
  • Integrated Cryptographic devices into various network configurations to maintain confidentiality for transmitted communications across a WAN.
  • Configured Networking systems to provide both Classified and Unclassified communications for Senior members of the Brigade.
  • Assisted in implementing DoD security controls for internal VTC network, including routers, switches, and firewalls, strengthening system security.
  • Delivered immediate VTC support during critical operations, leveraging technical expertise to troubleshoot issues under high-pressure conditions.

Technical Systems Administrator and Technical Support

XFX Corp.
09.2006 - 03.2009
  • Administered internal infrastructure and database backup systems to ensure data integrity and availability.
  • Managed troubleshooting tickets for internal networking systems and productivity devices for all users.
  • Tracked and responded to online and offline troubleshooting problems for customers, addressing failures and repairs for motherboards and graphic cards efficiently.
  • Ensured complete customer support for compatibility issues, returns, repairs and replacement for faulty components.
  • Maintained trend analysis and analytics to identify manufacturing defects and inform product development.

Education

B.S. - Information Security Systems, Administration and Management

ITT Tech
San Bernardino, CA
04-2008

Skills

  • GRC tools
  • EMASS
  • SNOW CAM
  • TRM
  • ICAMP
  • NIST 800-53 r5
  • GRC processes
  • Audit Management
  • Compliance auditing
  • Cybersecurity strategy
  • Risk assessment
  • Risk management
  • Security documentation
  • Incident response
  • Disaster recovery
  • Business continuity
  • Vulnerability Management
  • Vulnerability assessment
  • Security implementation guides
  • STIGs
  • Nessus scanning
  • SIEM
  • EDRs
  • NIDS
  • NIPS
  • HIDS
  • HIPS
  • Firewalls
  • Systems hardening
  • System hardening
  • Security architecture
  • Access control
  • Cloud security
  • Application security
  • Packet Analysis
  • Wireshark
  • TShark
  • Inspection Tools
  • Networking
  • Routing
  • Switching
  • TCP/IP
  • Windows Servers
  • Windows Host Operating Systems
  • Cisco IOS
  • Systems administration
  • Documentation
  • Reporting
  • Detailed reporting
  • Problem solving
  • Effective communication
  • Team leadership
  • Leadership
  • IT security
  • Application security
  • Effective communication
  • Cloud security
  • Cybersecurity

Clearance

Top Secret / SCI

Certifications Education

GIAC - Certified Intrusion Analyst (GCIA), Continuous Monitoring (GMON), Certified Incident Handler (GCIH), Systems and Network Auditor (GSNA), Certified Ethical Hacking (GCEH), Security Leadership (GSLC), Certified Enterprise Defender (GCED), CompTIA - Net+, CompTIA - Sec+, Certified ICND - (Computer Network Defense), Security Readiness Review (SRR), Microsoft Active Directory Management, Trusted Agent Certification, USARMY SHARP Victim Advocate (Sexual Harassment and Rape Prevention), UPL – (Unit Prevention Leader) Drug and Alcohol Abuse Advocate, B.S. in Information Security Systems with a Concentration in Administration and Management, ITT Tech, 04/2008, Army Cyber School: Cyber Common Technical Core, Army Cyber School: Cyber Advanced Technical Core

Core Competencies

GRC tools (Enterprise Mission Assurance Support Service (eMASS)), Service Now Continuous Authorization Monitoring (SNOW CAM), Technical Reference Model (TRM), Information Central Analytics and Metrics Platform (ICAMP), TcpDump, Wireshark/TShark, CISCO ISE, Security Technical Implementation Guides (STIGs), Nessus scanning, NIST 800-53 r5, SIEM, NIDS/NIPS, HIDS/HIPS, EDRs, Systems hardening, Basic PowerShell, Firewalls, Networking, Routing, Switching, TCP/IP, Vulnerability Management, Inspection Tools, Windows Servers, Windows Host Operating Systems, Cisco IOS, Brocade, Juniper OS, Effective Written and Oral Communication, Documentation, Reporting, Leadership, Team Management, Audit Management

Timeline

IS Security Specialist

Booz Allen Hamilton Holding Corporation
09.2022 - Current

Cyber Security Auditor

U.S. Army Cyber Protection Brigade
12.2017 - 09.2022

Senior Information Technician

U.S. Army 4th Combat Aviation Brigade
06.2014 - 12.2017

Systems Administrator

U.S. Army 404 Aviation Support Battalion
06.2012 - 06.2014

Nodal Network Systems Operator/Maintainer

U.S. Army 589th Signal Company
10.2010 - 06.2012

Technical Systems Administrator and Technical Support

XFX Corp.
09.2006 - 03.2009

B.S. - Information Security Systems, Administration and Management

ITT Tech
Curtis Hale