Hunter A. Doyle — Information Security & Compliance

About

Professional Summary

Information Security and Compliance Analyst with 10+ years of experience supporting SOC, ISO 27001, ISO 27018, NIST-based programs, and FedRAMP Moderate environments. Skilled in IT audit, risk assessment, control testing, security documentation, and audit readiness. Currently leading GitHub's ISO certification programs and pioneering AI-assisted GRC workflows using GitHub Copilot CLI. CISA certified with deep expertise across cloud, AI governance, and emerging technology compliance frameworks.

Career

Work Experience

Security Analyst II

Mar 2021 — Present

GitHub · Remote, TN

Lead GitHub's ISO 27001, ISO 42001, ISO 27018, and ISO 27701 audit programs end-to-end
Support SOC audits by planning, scheduling, and executing control testing across multiple domains
Pioneer AI-assisted GRC workflows using GitHub Copilot CLI, automating evidence collection and audit tracking
Oversee end-to-end policy lifecycle management from development through review and approval
Lead ISO risk management programs using GitHub Projects and ZenGRC
Manage nonconformity board with 89 items across 12 audit domains
Contributed to FedRAMP Moderate documentation review and internal readiness activities
Identify and assess business and technology risks; provide mitigation guidance to engineering teams
Mentor audit staff; conduct performance reviews and coaching

Senior IT Control Analyst

Apr 2017 — Mar 2021

UKG (Ultimate Kronos Group) · Weston, FL

Designed, implemented, and tested security controls using ISO 27001, ISO 27018, SOC, and NIST frameworks
Executed internal audits and security assessments across IT General Controls domains
Developed SDLC audit plan streamlining control activities for 1,500+ developers
Led internal assessments and coordinated external audits (SSAE18, ISO 27018)

Risk Advisory Services Associate

Jul 2015 — Mar 2017

RSM US LLP · Miami, FL

Conducted general computer control reviews across UNIX, Windows, AS/400, and Oracle environments
Performed cybersecurity risk assessments and evaluated IT environments for compliance
Supported SOX audits through control identification, testing, and remediation tracking

Expertise

Core Competencies

FedRAMP Moderate NIST 800-53 SOC 1 / SOC 2 ISO 27001 / 27018 / 27701 ISO 42001 (AI Governance) IT General Controls Audit Planning & Execution Risk Assessment & Remediation Cybersecurity Assessments Evidence & Documentation Mgmt Policy Lifecycle Management Cloud & AI Compliance ZenGRC & GitHub Projects

Frameworks

Standards & Frameworks

ISO 27001

ISO 27018

ISO 27701

ISO 42001

SOC 1

SOC 2

NIST 800-53

NIST CSF

FedRAMP

CSA STAR

SOX

SSAE 18

AI

AI & Automation Highlights

AI Governance & Assurance

Work

Leading GitHub's ISO 42001 (AIMS) implementation as audit and compliance lead
Drove AIUC-1 AI Use Case gap analysis — established baseline readiness across all controls
Preparing AIMS Management Review for executive AI governance oversight
Building AI-control crosswalks across ISO 42001 ↔ ISO 27001 ↔ SOC 2 ↔ NIST AI RMF

AI Tinkering & Tooling

Personal

Personal GitHub Copilot CLI agent stack with custom skills, runbooks, and trigger-routed workflows
MCP server integrations across CRM, Microsoft 365, SharePoint, OneDrive, and a local knowledge vault
Lessons-learned + debrief loop — every session contributes to a continuously-improving operating manual
Keychain-only secrets discipline — no credentials stored in code, prompts, or markdown anywhere on disk

Credentials

Certifications

Certified Information Systems Auditor (CISA)

ISACA

Since 2018

ISMS v2.1 — Information Security Management Systems

BSI Group

Management Systems Auditing v2.0

BSI Group

ISO/IEC 27001:2013 Internal Auditor

BSI Group

Education

Academic Background

B.S. in Accounting

Florida State University

B.S. in Management of Information Systems

Florida State University

Connect

Let's Work Together

Interested in connecting about GRC, information security, audit programs, or compliance strategy? I'd love to hear from you.

Email Me LinkedIn GitHub