curtis rhodes

Over 34 years’ experience in Information Technology to include: Oracle hardware and software; Dell and HP hardware; resolving technical and general user problems in a Wide Area Network client server environment; Sybase , Oracle, Microsoft SQL database administration; Microsoft Windows operating systems; CISCO and Brocade switches; CISCO firewalls; CommVault Backup Administration; Fiber switches; Fiber based storage; Redhat Linux System Administration and VMware VSphere virtualization administration.  Over 10 years support in DIACAP and Risk Management Framework (RMF) accreditation process. Validated and performed continuous monitoring using over 50 STIGS, SCAP Benchmarks and STIG Viewer tools. Air Force PKI Trusted Agent, Information Security System Manager and Information Systems Security Officer on two different DOD computer system enclaves. ACAS system administrator. Software testing experience with Sybase Database Defense Automated Warning System and Avian Flu Kiosk system. Relevant Information Technology experience from U.S. Air Force from June 1978 to November 1998 summarized above.

Senior Network Security Engineer/ISSO
March 2020 – Present STS Systems Support, LLC
Experience Relevant to Principle Duties and Responsibilities:

Information Systems Security Officer (ISSO) for two Air Education Training Command systems. Promotion Testing System (PTS) and Promotion Testing System –NIPRnet (PTS-N). Develop POA&M milestones. Perform analysis from eMASS information.  Install and execute SCAP benchmarks and manual STIG checklists for the following:  VMware VCenter, VSphere 6.5/7.0  ESxi, Virtual Machine, Oracle 11g database, Oracle 12c database Oracle 19c database, Layer 3 Brocade switches, Redhat Enterprise Linux (RHEL) 7, Oracle Linux 7, Solaris 10, Windows 2012 R2 Server MS/DC, Windows 2016 R2 Server MS and Application Security Development.  Perform duties as VMware Administrator, Solaris 10 Administrator, Windows Administrator, Oracle 12c Database Administrator, Oracle Linux 7 Administrator, Solaris 10 Administrator, RHEL 7 administrator and analysis of GOTS applications.  Built new Virtual Machine ACAS scan server running on RHEL 7 Operating System. Deployed F5 BIG-IP LTM Virtual Appliance.   Experienced in configuring, executing and analyzing ACAS/Nessus scans.  Use tools such as Vulnerator to analyze data from STIG benchmarks, STIG checklist and ACAS/Nessus scans. Evaluate eMASS IA Security Controls.

Computer Security Specialist
October 2018 – March 2020 NCI
Experience Relevant to Principle Duties and Responsibilities:

Information Systems Security Officer (ISSO) for two Air Education Training Command systems. Promotion Testing System (PTS) and Occupational Analysis (OA). Develop POA&M milestones. Perform analysis from eMASS information.  Install and execute SCAP benchmarks and manual STIG checklists for the following:  VMware VCenter, VSphere 6.0 ESxi, Virtual Machine, Oracle 11g database, Oracle 12c database, Layer 3 Brocade switches, Redhat Enterprise Linux (RHEL) 7, Oracle Linux 7, Solaris 10, Windows 2012 R2 Server MS/DC, Windows 2008 R2 Server MS and Application Security Development.  Perform duties as VMware Administrator, Solaris 10 Administrator, Windows Administrator, Oracle 12c Database Administrator, Oracle Linux 7 Administrator, Solaris 10 Administrator, RHEL 7 administrator and analysis of GOTS applications.  Rebuilt new ACAS/Nessus Security Center laptop server.  Experienced in configuring, executing and analyzing ACAS/Nessus scans.  Use tools such as Vulnerator to analyze data from STIG benchmarks, STIG checklist and ACAS/Nessus scans. 

System Engineer Air Force Medical Information Systems Test Bed (AFMISTB)
Dec 2005 – Sep 2018 SENTEL/VECTRUS
Experience Relevant to Principle Duties and Responsibilities:

 Provide subject matter expertise for system engineering to support assessment activities. Collected and analyzed Military Treatment Facility wireless spectrum information for the deployment of the 2nd Generation Wireless project at two CONUS and OCONUS sites with an AFMESA test team. Performed assessment and analysis on 1586 Information Assurance Controls for the RMF process in DISA Enterprise Mission Assurance Support Service (eMASS) system. Data Collector for MHS Genesis Program. 
Develops plans and procedures.  Developed Security Plan, Implementation Plan, Configuration Management Plan, Incident Response and Business Continuity and Contingency for the RMF accreditation process. Organized RMF documentation according IA controls common functionality.   
Assistant Director System Engineering. 
Provides Information Technology support for Test Engineer related tasks. Includes developing and maintaining enclaves and standalone IT assets available to the Air Medical Information Systems Test Bed.  This includes providing system security for all available IT systems according to DOD standards. Implementing new technologies such as Virtualization. Evaluating and using test tools to reverse engineer application and system problems. As ISSM and ISSO obtained two three-year DIACAP systems accreditations and one three-year RMF system for the AFMISTB Test Enclave.  Over 10 years 
DIACAP/RMF accreditation experience.
Demonstrates familiarity with a variety of fields, concepts, practices, and procedures to include IM/IT and systems engineering. Lead Analyst responsible for obtaining and maintaining two three-year DIACAP system accreditations and one three-year RMF system accreditation. Implemented a highly effective virtualized Assured Compliance Assessment Solution (ACAS) to scan hardware and virtualized assets for security vulnerabilities. 
Relies on extensive experience and judgment to plan and accomplish goals.
Extensive troubleshooting skills and knowledge base to solve problems.  Plans for alternative fixes to problems.  Identifies and escalates problems to proper support level.
This position performs a variety of tasks in support of requirements. A wide degree of creativity and latitude is expected: Developed a highly recognized Risk Management Framework accredited Test Enclave within the Defense Health Agency.  


 

Global Information Assurance Certification (GIAC) Security Essentials – GSEC, Analyst number:  32748, 2 May 2012 thru 31 May 2024. 

DAU Fundamentals of System Planning, Research, Development and Engineering, 3.5 CEUs, Jun 2012