Timothy Burn

Information Security professional currently working as a Senior Security Engineer. Over 20 years experience in the private and public sector working in risk, information security and intelligence. Have led successful teams across the globe, often in high risk and unstable environments, with the UK military, public corporations, and consultancies. British citizen – Green Card holder.

Professional Experience

Own (formerly OwnBackup) – New York

Senior Security Engineer (promoted from Senior Risk & Compliance Analyst)

May 2022 – Present

Own is the leading data platform trusted by thousands of organizations to protect and activate SaaS data. Own empowers customers to ensure the availability, security, and compliance of mission-critical data.

Email Security - Led complex cross-departmental project to implement Proofpoint Protection Server advanced email security and DLP for Gmail. Also lead on Email reputation DMARC policies and implemented MTA-STS via RedSift. Implemented Email Purple Teaming tool to verify security posture and expose risk.
Cloud Security - Lead for Enterprise IT and Business Intelligence projects in AWS utilizing Wiz platform.
Change Management - Created Jira integrations and workflows for CM, and incident response in ITSM.
Insider Threat – technical investigations; EDR and incident response via CrowdStrike; DNS security via Cisco Umbrella; password management via 1Password; Vulnerability and Patch Management via Qualys and Wiz; Splunk threat hunting, investigations, monitoring, and dashboard production; Google Workspace Investigations; external monitoring and third-party management via BitSight and ZeroFox.
Responsible for the Privacy & Security Awareness program at the company. Revamped training curriculum and delivery to ensure 100 percent completion. Conducted annual training using the Proofpoint platform to comply with multiple regulatory audits. Delivered training relevant to recent major breaches. Maintained awareness presentation slides displayed throughout tier 1 offices. Delivered Phishing simulation training and metrics; also designed and implemented a remediation training program for multi-clickers.
Supported successful SOC 1 & 2 Type 2 re-certification and ISO 27001 internal audit evidence gathering and packaging. Supported UK Cyber Essentials, HDS and FedRAMP Continuous Monitoring.

Brookfield Asset Management – New York

Global Security Analyst

January 2021 – May 2022

BAM has ~$650 billion AUM invested in over 2,000 assets across 30 countries and five continents. BAM is one of the world's leading investors in real estate and alternative assets.

Established a formal intelligence architecture including monitoring and information & intelligence requirements.
Led program to implement SaaS intelligence platform including global requirements, training, technological and content support.
Conducted on-site security assessments of various category type – including office, hospitality, logistics, student housing, retail and multifamily.
Managed junior analyst, provided guidance and editing for daily and ad-hoc analytical reports.
Assisted in global roll-out of security baseline and administration of SaaS GRC platform (OneTrust) to regional and local security teams in various real estate categories.
Ran tabletop exercise for New York assets and provided report detailing lessons identified.

Dataminr Inc. – London

Cyber Threat and Security Analyst

January 2018 – May 2019

Dataminr is a global real-time information discovery company. Its solutions for Corporate Security, Finance, the Public Sector, News, and PR/Communications are relied on 24/7 by thousands of clients in over 70 countries.

Member of a team responsible for the Public Sector product providing cyber threat intelligence from a variety of publicly available data sources.
Assisted in researching and implementing new data sets including monitoring the dark web.
Improved algorithms and alerting related to cybersecurity, electronic warfare, geopolitics, military assets, and conflict zones.
Oversaw, developed and deployed solutions of long-term project to improve the Dataminr product for Naval clients. The project married ML and human analysis resulting in a 200% increase in volume of information sent to clients.
Consistently analyzed highest volume of information on the team while managing time-sensitive information, competing client priorities and data inputs in a fast paced, energetic work environment.

GardaWorld International – Baghdad, Iraq

Risk Analysis Consultant

March 2017 – December 2017

GardaWorld is a leading provider of business solutions providing cutting edge security services including consulting, risk assessments, analysis and business intelligence.

Risk and business continuity consultant embedded in Iraq representing a variety of clients including multinational companies, governments and non-governmental organizations.
Excelled in understanding each client's varying problems, helped find solutions and mitigate impacts to operations while maintaining the highest standards with respect to differing client cultures, risk tolerances and sensitivities.

Olive Group & Restrata (subsidiary) – Middle East

Risk Analysis Manager & Intelligence Consultant

April 2012 – March 2017

Restrata is a global security solutions provider including security consultancy & design, risk management, systems integration, vehicle & personnel tracking and business operations consulting. Olive Group was the parent company.

Manager of a five-person client-facing team advising commercial entities, including major international oil companies, on operations in dangerous and challenging environments.
With Olive Group, was an intelligence officer reporting on insurgent operations in Iraq and the potential impact on the US Army Corps of Engineers reconstruction effort.

UK Armed Forces – Royal Marines Commando

Intelligence & Security Analyst/Manager

March 2003 – April 2012

The Royal Marines are the amphibious troops of the Royal Navy, acknowledged as one of the world's elite commando forces, with one of the longest and most challenging basic training courses in the world to earn the Green Beret.

Intelligence specialist and InfoSec manager within a variety of units.
Completed two arduous tours of Afghanistan and one with Australian forces in East Timor.
Served as chief analyst for the EU Horn of Africa counter-piracy mission.

Education & Training

Certifications & Courses: