Looking for a job

Michael Burns

@michaelburns1

Message

Over 25 years in Cyber and Information Security. Focused on Policy & Standards

United Kingdom

Message

What I'm looking for

I am seeking a role that allows me to leverage my extensive experience in information security Policy & Standards.

I am focused on crafting comprehensive and clear, Information Security Policies and Standards. My expertise lies in clearly defining the spirit and intent for each policy or standard, ensuring they resonate with all levels from executives to end users.

Throughout my career, I have analysed complex security situations, interpreted data, and translated technical requirements into clear policy statements. My ability to negotiate and find compromise when teams have conflicting needs related to security controls has been instrumental in fostering collaboration and enhancing security governance.

I use a clear and concise writing style that enhances readability and understanding.

My recent roles include Information Security Policy & Standards Consultant at Hargreaves Lansdown, where I refreshed and reshaped policies and associated workflows. I have also worked with Zodia Markets, producing a suite of Information Security Policies & Standards.

My experience spans various organisations, including Fidelity International, Bank of America Merrill Lynch, and Citi Group.

Experience

Work history, roles, and key accomplishments

InfoSec Policy & Standards

Hargreaves Lansdown

Oct 2022 - May 2025 (2 years 7 months)

Refreshed and reshaped Information Security Policies & Standards, along with associated workflows. Engaged with various stakeholders and technical SMEs.

Security Policy Workflow Management Stakeholder Engagement Governance Policy Management Government Policy Process Knowledge Policy Implementation Policy Writing Policy Updates Policy Reviews Policy Documentation Policy Communications Cybersecurity Framework Cybersecurity Cybersecurity Operations NIST 800 53 NIST Cybersecurity Framework NIST Special Publications ISO 27001

InfoSec Policy Consultant

Zodia Markets

Feb 2022 - Sep 2022 (7 months)

Produced a comprehensive suite of Information Security Policies & Standards.

Security Policy Technical Writing Policy Implementation Cybersecurity Cybersecurity Management

Cybersecurity Project Lead

University of Sussex

Sep 2017 - Jan 2018 (4 months)

Implemented recommendations from a Cyber Maturity audit.

Cybersecurity Project Management Risk Management Cybersecurity Framework Cybersecurity Management Cybersecurity Operations ISO 27001

InfoSec Policy & Standards Consultant

Fidelity International

Sep 2015 - Jan 2017 (1 year 4 months)

Simplified 57 Policy & Standards documents to meet ISO 27001 audit requirements.

ISO 27001 Standards Simplification Negotiation NIST 800 53 NIST NIST CSF NIST Special Publications Policy Management Policy Implementation Policy Updates Policy Writing Policy Reviews Policy Documentation Cybersecurity Cybersecurity Framework Cybersecurity Management

VP Global Information Security Policy

Bank of America Merrill Lynch

Feb 2014 - Jul 2015 (1 year 5 months)

Managed global information security policies across EMEA and Latin America regions. Defined the spirit, intent, and audience for each policy or standard.