Benjamin Alonge Email and Phone Number

• Responsible for ensuring new employees and contractors receive current IT security awareness training.• Administer information security for windows server domain using Active directory.• Ensure adherence to all Security Administration Standard Operating Procedures.• Administer information security for Enterprise Applications such as exchange, RSA SecurID tokens, etc.• Administer information security for business mission critical internal applications.• Conduct audits on information technology, operating system platforms and operating procedures in accordance with established standards for accuracy, efficiency, security and risk mitigation.• Run data maintenance reports and fix Identified discrepancies.• Improve Provisioning and reporting automation with scripts.• Administer Azure AD users, groups, and devices, and participate in migration between on-premises and Azure AD through AD connect.• Experience with Microsoft 365 and office 365, including Teams, SharePoint Online, OneDrive, and Exchange Online.

• Responsible for ensuring new personnel on the contract receive current IT security awareness training.• Perform security controls assessments using NIST 800-53A to determine the extent to which security controls are implemented correctly, operating as intended, and producing the desired outcome in addition to meeting the security requirements for the system.• Develop, review, maintain, and update ATO packages such as System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Security Impact Assessment (SIA), Risk Assessment Report (RAR), and POA&M.• Verify ATO packages for accuracy, Compliancy, and completeness using NIST SP 800-18 and NIST SP 800-53 and the organization’s information security requirements• Update Systems Security Plans, as changes are implemented in the system through established configuration management policies. • Create and track for corrective actions for the plan of Acton and milestones (POAM) of all the accepted risks upon completion of the Security Control Assessment.• Reviews system security artifacts such as contingency plans (CP), incidence response plans (IRP), privacy impact assessments (PIA), memorandum of understanding (MOU)/interconnection security agreement (ISA), and risk assessment (RA) documents for compliance with NIST 800 guidelines and agency’s security requirements.• Support at biweekly POA&M meetings to get an update from the system admins on the opened POA&Ms.• Assign action items from the biweekly POA&M meeting provided by the Information system owners to the System Admins.• Participated in weekly CDM meetings to discuss vulnerabilities, CISA alerts and potential remediation actions with system and application owners.• Monitor controls post-authorization to ensure continuous compliance with the security requirements by evaluating threats and vulnerabilities through Nessus scan results and working with the IT staff for mitigation actions.

• Proactively resolved customer problems about equipment and services• Delivered just-in-time support both at the Helpdesk and across campus and respond to departmental technical emergencies to minimize data loss, meet deadlines, and support the needs of users• Guided over 75 students per day for information program and helped students utilize student self-service• Evaluated Students requests, research answers and ensured follow up promptly