Derrick Coston
Derrick Coston , Information Security Consultant. I am a results-driven information technology (IT) professional with current strengths in compliance, security and auditing. I have designed, developed, and implemented information technology solutions for many organizations using industry recognized standards including BS7799/ISO 27001:2005 and NIST 800 series and FISMA. I have drafted and obtained board of director approval for information security policies and implemented procedures based on the policies. Additionally, I have developed a risk-based approach to managing network infrastructures which comply with Federal Legislation including the Health Insurance Portability and Accountability Act (HIPAA), Gramm, Leach, Bliley Act (GLBA), and the Sarbanes- Oxley Act (SOX). I have assisted financial institutions with their with compliance IT examinations by conducting pre-exam audits, penetration and vulnerability testing, document reviews, and process updates with emphasis in vendo...