Terry Mason
Details
English
State University of New York at Oswego
• Provide and tailor policies, standards, and plans for security program development projects
• Support cyber remediation efforts after business risk management and security risk assessment activities
• Provide guidance for enterprise technical planning in support of business strategy and process management
2022 : Present
Collaborative Cyber LLC
Cybersecurity Risk Consultant
• Provided guidance on security programs, policies, and plans to ensure compliance with relevant laws, regulations (e.g., FFIEC, NYDFS, SEC, NFA), and key areas of security risk
• Developed communications plans, policies, and strategic roadmaps for security incident response, cyber tabletop exercises, service-provider risk reviews, and security control implementation
• Delivered business risk-management services such as portfolio company security control assessments and incident response program-maturity evaluations
• Evaluated industry-leading GRC and risk management technical solutions in support of client compliance and regulatory initiatives and security technical objectives
2021 : 2022
HKA
Director in Cyber Risk Services
• Managed delivery of cyber risk management programs, and supporting governance practices, for hedge funds and private equity firms in $7MM North American Cyber Risk practice
• Supported business strategy for PE firms with both technical and “red flag” risk assessments for security program expectations for portfolio companies
• Transformed legacy cyber risk service offering for 50+ hedge funds from compliance-focused model to practitioner-guided, risk-based model following the acquisition of Kroll in 2018. Retained 70% of firms after raising fees 100-150%.
• Co-developed service-provider risk management and assessment platform to support stakeholders in managing security of third-party data stewards
• Ran cybersecurity and technology risk assessments, leveraging NIST and CIS frameworks, aligned to regulations and guidelines from the SEC, FFIEC, NYDFS, and NFA
2018 : 2021
Kroll
Vice President in Cyber Risk Services
• Managed cybersecurity program development, oversight, and stakeholder communications for $65BN AUM multi-strategy hedge fund
• Led Cyber Risk Committee meetings with senior leadership, and drove ongoing security remediation projects
• Led technical cybersecurity risk assessments; created strategic operational plans to remediate findings in partnership with lines of business
• Served as Senior Project Manager for enterprise PMO office for strategic Back Office technology projects to ensure appropriate stakeholder communications and technology team effectiveness
• Evaluated technical security risk-management solutions for data loss prevention (DLP), endpoint detection and response (EDR), security information and event management (SIEM), and mobile threat defense
• Developed and implemented technology platform to assess data risk management and enterprise security practices of the firm’s third-party service providers, with $1MM budget
• Executed business-audit processes for technology systems related to data risk management, regulatory compliance, and technology governance (e.g., SEC mock audits, market data audits, and accounting audits)
• Implemented enterprise plan to ensure resilient data access, and data survivability, for advanced disaster recovery (DR) and business continuity plan (BCP) initiative
2014 : 2018
Elliott Management Corporation
Head of Cybersecurity and Senior PMO Manager
• Developed Cyber Incident Response Plan and led biannual tabletop exercises, lessons-learned sessions, and strategic IR process and program improvements
• Implemented physical security and privacy control systems as part of $50MM build-out of 125,000 sq. ft. of AAA office space in midtown Manhattan
• Managed regulatory assessment of the global enterprise data environment, including service providers, for PII data; implemented required technical, administrative, contractual, and procedural controls
• Led technical security risk assessments against SEC and NFA business regulatory guidelines for cybersecurity protections for customer data and funds
• Managed $2MM build-out budget, and coordinated RTO/RPO improvements, for high-security datacenter site
2008 : 2014
Elliott Investment Management L.P.
Head of IT Strategy
Skills
Budgetary Oversight, Business Analysis, Business Intelligence, Cisco Technologies, Cybersecurity Assessments, Data Center, Enterprise Architecture, Finance, Hardware, Hedge Funds, Help Desk Support, Incident Response Plans, Information Technology, Infrastructure, Integrated Marketing, Investments, IT Risk Management, Marketing, Networking, Operational Evaluations, Policy Writing, Process Implementation, Program Management, Project Management, Publishing, Regulatory Compliance, Risk Mitigation Strategies, Servers, SQL, Strategy, Technology Governance, Testing Processes, Third-Party Vendor Management, Trading, Training, VPN
About
PROFESSIONAL... Cybersecurity Director • Senior PMO Manager • Technology Risk • Policy and Governance • Due Diligence • Regulatory Alignment • IT Strategy • Mitigating Business Risk
PASSIONS... Planners and Planning • Reducing Discord and Division • Structure, Priorities, Focus, ADHD Strategies • Self Awareness, Presence, Intuition • Individual Journeys, Living in Alignment • Good Health • Mastering the Day-to-Day • Enduring, Non-Disposable Solutions • Inclusion and Accessibility • Authenticity • Friends & Family Time
INTERESTS... Music • Creative Writing • Humor • Exercise • Hot Yoga • Presence • Nature, Meteorology, Physics, Origins • Systems, Methods, Models, Tools • Efficiency and Effectiveness
Profile Photo
