Skip to content
View HaDoyle12's full-sized avatar
:shipit:
Working like Detective Squirrel
:shipit:
Working like Detective Squirrel
  • GitHub
  • Nashville
  • 22:58 (UTC -06:00)

Block or report HaDoyle12

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
HaDoyle12/README.md

Hunter Doyle

GRCC Department

GRC Audit and Compliance is a product-centric audit and continuous testing function that exists to fulfill the company’s audit obligations to customers and external stakeholders while providing leadership with insights into GitHub’s audit and control posture. We will add further value to GitHub’s go-to-market strategy by marketing customer-facing assurance reports as product features. Currently we manage the following audit work across GitHub:

  • SOC 1, SOC 2, and SOC 3 for GHEC and Actions
  • ISO 27001 for GHEC and Actions
  • FedRAMP Low Tailored for GHEC
  • PCI DSS for GHEC
  • MSFT Non-financial disclosures (internal MSFT requirements) for GitHub’s NFD metrics (Developers, MAC, MEU)
  • MSFT internal audits at GitHub (e.g. Security Governance, Trade Compliance, etc)
  • GHAE compliance and risk management
  • Azure DevOps (ADO) compliance, privacy, and risk programs

Learn more about Audit & Compliance programs and services over in https://www.github/security-grc-compliance

Current Role:

GitHub

GRC Security Analyst (Remote, USA)

  • Maintain productive customer partnerships, turning around difficult relationships (particularly with people not traditionally used to interacting with Internal Audit)
  • Reviews audit project plans, work papers and audit reports, including discussing issues with management, and ensuring adequate quality control is in operation. Follows up on replies to reports, reviews replies and posts audit reviews.
  • Oversee the planning, scheduling and execution of IT audits within established time budgets and deadlines, ensuring all activities conform to established departmental procedures. Supervise and review the work of audit staff and identify areas of needed improvement and assists staff in development. Prepares executive summary and submits audit findings/recommendations to executive management.
  • Identify and assess complex risks (both business and technological) and to provide advice to management regarding mitigation of these risks.
  • Manage and train staff in the execution of the IT audit and compliance activities. For the assigned staff, assign work, monitor progress, and provide coaching feedback on a regular basis. Prepare and deliver formal Semester Progress Review(s), as well as Annual Review(s).

Historic Experience:

UKG (Weston, FL)

SR IT Control Analyst

  • Design, implement, and test controls to comply with ISO 27001, ISO 27018, AICPA, and NIST control requirements
  • Developed advanced SDLC audit plan in tandem with control owner that streamlined controls used by 1,500 developers
  • Manage and assist external audits (SSAE18 and ISO 27018) and internal assessments
  • Facilitate customer understanding by completing customer due diligence questionnaires in a timely manner
  • Advise internal stakeholders on evolving compliance requirements
  • Assist management on identifying risk and provide remediation guidance to management

IT Control Analyst

  • Assisted in the facilitation of compliance, external, and internal audit procedures
  • Led the change in streamlining internal processes by changing internal tools
  • Maintained risk and control matrix, test plans, test attributes and status trackers
  • Assess the design and implementation of ITGC requirements against company policies and procedures
  • Inspected control evidence for adherence to completeness, accuracy and precision of control execution for ITGC

RSM US LLP (Miami, FL)

Risk Advisory Services

  • Executed UNIX, Windows, AS/400 (iSeries), and Oracle database general computer control reviews
  • Reviewed, evaluated and tested application controls, particularly automated controls on a wide range of software application packages used for financial reporting
  • Evaluated and improved the effectiveness and efficiency of operations for clients
  • Assisted clients in the review over the design, build, and operation of business processes
  • Analyzed and assessed the security environment for clients by conducting cyber security risk assessments and audits
  • Assisted financial audit and Sarbanes-Oxley compliance teams in the identification of control objectives and the design of control procedures to address those objectives
  • Determined technical and business impact of identified security and control issues and provide remediation guidance to clients
  • Executed and oversaw IT Audit SharePoint document knowledge repository, increasing employee productivity

Certifications:

License/Certification Date Effective
Certified Information Systems Auditor, ISACA December 2018
Information Security Management Systems v2.1, BSI June 2017
Management Systems Auditing v2.0,BSI June 2017
ISO/IEC 27001:2013 Internal Auditor, BSI June 2017

Other Projects Worth Noting

  • IT Design and Consulting for Standing Stone Nursery
  • Intake and review of GitHub Bugs identified in Hackerone.

Hobbies:

  • Exotic Plants 🌴
  • 4 Wheeling 🚴‍♂️
  • Hiking 🥾
  • Travelling ✈️
  • My children aka 🐕🐕🐕

Social Media:

Popular repositories Loading

  1. SmartThingsPublic SmartThingsPublic Public

    Forked from SmartThingsCommunity/SmartThingsPublic

    SmartThings open-source DeviceTypeHandlers and SmartApps code

    Groovy 1

  2. HaDoyle12 HaDoyle12 Public

    Config files for my GitHub profile.

  3. github-slideshow github-slideshow Public

    A robot powered training repository 🤖

    Ruby

  4. hello-github-actions hello-github-actions Public

    Dockerfile

  5. markdown-portfolio markdown-portfolio Public

  6. github-pages-with-jekyll github-pages-with-jekyll Public