Project/task management

Unit 1017 303 Botany Road

Zetland, NSW 2017

Mobile: 040 108 7759

donenfeldml@gmail.com

www.linkedin.com/in/matthewdonenfeld

Professional summary

Former military-trained Information technology professional with experience in auditing and evaluating the security of complex IT application and infrastructure environments. Identifying information security risks and providing technical solutions to align with best practices and industry standards. Versatile, self-motivated team player with exceptional organization and strong interpersonal skills.

AREAS OF EXPERTISE

IT security best practices	Audit reporting
Working with shifting priorities	Project/task management
Analytical, critical thinking and creative problem solving	Strong client relations and collaboration

Experience

Audit Manager 2019 – Present

Commonwealth Bank of Australia, Group Audit & Assurance

Sydney, NSW

• Performing complex and high-risk integrated IT and business audits. Including examining and verifying operational and managerial processes throughout bank;
• Assisted the delivery of IT audits within agreed timeframes and in line with the CBA internal audit methodology;
• Perform high quality, risk focused assurance work which provides management with powerful insights and recommendations for improving the control environment in line with Group strategic objectives;
• Interview customers and conduct process walkthroughs to understand the risk and control environment;
• Make recommendations to improve and simplify internal control processes;
• Integrate knowledge and assurance provided by other Line 102 risk functions and the external Auditors when undertaking audit fieldwork;
• Continuously seek ways to execute audits efficiently, without negatively impacting audit coverage/quality;
• Test key technology controls by gathering relevant audit evidence and interpreting data;
• Assist with issue trending and validation of closed audit issues;

Network Administrator 2017 – 2019

Sony Music Entertainment Australia

Sydney, NSW

• Provided network administration for office of over 90 employees to include support and troubleshooting for switching, routing, IP telephony, and Desktop support for Linux, MacOS, and windows platforms.

Senior IT Auditor 2016 – 2017

Sony Corporation of America

New York, NY

• Executed Sarbanes-Oxley IT General and application controls advisory audit testing around IT Security, Change Management, and IT Operations across various Sony platforms, including UNIX, AS-400, MainFrame and SAP Environments.
• Assessed key IT risks, evaluated effectiveness of internal IT controls, developed appropriate audit procedures, reviewed audit workpapers, and prepared and presented audit reports to senior management.

Senior Consultant 2015 – 2016

Ernst & Young

New York, NY

• Performed Financial Audit IT (FAIT) Integration procedures for Fortune 500 companies in the Government, Media and Entertainment, and Life Sciences industries.
• Conducted IT General Controls (ITGC) process walkthroughs and testing of change management, access management, and other IT operations (backups, restorations, issue tracking) pertaining to a variety of IT application environments.
• Evaluated design and operating effectiveness of controls supporting the IT environment and business processes.
• Evaluated cybersecurity risk assessments, system development life cycle reviews for large-scale application implementations; tools and utilities assessments; infrastructure security (Windows, SQL, UNIX, and Oracle) technical assessments; and application control tests.
• Articulated audit findings, risks, and detailed recommendations for improvements based on international standards; communicated to upper management through written reports and presentations
• Developed strategic plans to mitigate security risks by identifying compensating controls for issue remediation
• Coordinated tracking and status of audit evidence while working directly with process owners to answer follow-up questions.
• Led teams of 1-3 staff / interns to interact effectively with both clients and internal engagement managers while providing coaching and guidance on delegated tasks

Communications Information Systems Officer 2013 – 2014

U.S. Marine Corps

Okinawa, Japan

• Planned and directed the innovative use of tactical communication systems, and analyzed IT risks around cyber security, confidentiality and technology reliability for 6 tactical exercises over 10 months by managing a team of 6 personnel to do the work normally conducted by 60-80; ensuring the effective computing needs and technology in deployed and home-station environments for an organization of more than 600 personnel.
• Created and implemented a schedule consisting of tactical radio and data training and instruction for 6 personnel, developing a level of proficiency and readiness that supported the tactical communication needs of the employing organization.
• Improved tactical IT equipment maintenance readiness by identifying and correcting discrepancies in maintenance management practices, and providing guidance and direction for better procedures; ultimately increasing readiness from 50% to more than 90%.
• Accounted for $5M worth of military and commercial communications assets, including National Security Agency controlled cryptographic items, resulting in 100% accountability of principal end items.
• Revitalized the unit’s knowledge management program in support of a collaborative information environment for more than 600 personnel by interpreting organizational goals, policies, and procedures; renovating the organization’s SharePoint website; allowing for a streamlined and more systematic way for sharing information at all unit levels.

Assistant Operations / Training Officer 2013 – 2013

U.S. Marine Corps

Okinawa, Japan

• Directed, scheduled, and reported the training for more than 700 personnel by managing a team of 3 personnel, ensuring compliance with the Marine Corps’ Headquarters directed annual training requirements.
• Enabled the unit’s commanding officer visibility of scheduled training and its compliance down to the lowest echelons of the organization by single-handedly creating, actualizing, and administering an online SharePoint based training management and reporting tool, leading to more effective management and supervision of training requirements of over 60 Military Occupational Specialties against a very aggressive operational cycle.
• Supported over 200 service members with encrypted radio communications, internet, E-mail, file sharing, and directory services by analyzing IT risks around cyber security, confidentiality and technology reliability, planning a forward deployed IT architecture and managing a team of 14 personnel and more than $300k worth of communications assets; ensuring successful communication for a month long training exercise.

Radio Platoon Commander 2012 – 2013

U.S. Marine Corps

Okinawa, Japan

• Successfully managed and provided direction for 50 personnel by supervising training, human resources, and promoting morale and welfare; creating an effective people first system that allowed mission readily available Marines for operations across the pacific region.
• Coordinated and supervised the execution of 4 tactical communication exercises, validating tactical IT circuits across three geographically dispersed organizations.
• Provided technical supervision and control of a deployed IT architecture by monitoring tactical communication circuits, reporting discrepancies to higher echelons of leadership, and coordinating with adjacent and lower agencies to implement change management; providing more than 140 users with command and control capabilities

Satellite Communications Technician 2008- 2009

U.S. Marine Corps

Camp Pendleton, CA

• Successfully managed and provided direction for 120 personnel by supervising training, human resources, and promoting morale and welfare; creating an effective people first system that allowed mission readily available high performing Marines for operations across the pacific region.
• Employed and installed ground satellite terminals, adjusted audio and data levels, utilized test equipment to identify and diagnose terminal faults to the component level, and making risk assessments and repairs as required.
• Implemented quality and inventory control processes.
• Communicated maintenance status both verbally and in writing to subordinates, supervisors, contractors and vendors.

Marine Security Guard 2005- 2008

U.S. Marine Corps

The Hague, Netherlands; Niamey, Niger; Canberra, Australia

• Provided more than 4800 of armed internal security for American Embassies in the Netherlands, Niger, and Australia; resulting in safeguarding of government classified materials, personnel, and property.
• Coordinated and participated in More than 60 training response drills and 2 actual response drills improving the operational readiness of the security detachments in preparation for various contingencies.
• Responsible for evaluating and updating emergency action plans in preparation for various contingencies.
• Wrote more than 10 security violation reports while performing detailed inspections of the physical and procedural security measures of post, ensuring strict adherence to classified material accountability and control procedures.
• Wrote more than 50 incident reports identifying potential vulnerabilities and recommending improvements.

Electronic Switching Equipment Technician 2004 – 2004

U.S. Marine Corps

Okinawa, Japan

• Successfully used test equipment to check system status and effectively replaced inoperative components and interconnections for Nortel switching systems supporting the telecommunications need of more than 25,000 end users.
• Expertly programmed codes to establish system modes of operation and executed diagnostic routines, ensuring 100% operation for the duration of tour.

Education

Bachelor of Arts, International Studies, University of South Florida, Tampa, FL, 2011

Master of Science, Information Technology, Internetworking University of Technology Sydney, Sydney, NSW Expected Graduation June 2020

Industry CerTIFICATIONS

CompTIA Security +, COMP001020601832

Certified Information System Auditor, 16128640

Cisco Certified Network Associate, 433238043692CLUK

Certified Information Security Manager (Exam passed and application pending)

ISACA Cybersecurity Audit Certificate, 123474825

JAMF Certified Tech, 201710-26997-6345327

Blue Prism Accredited Developer, 4e128f28-dfdd-4fe9-9a0f-3159677f3ca9