Derrick Coston
Consultant in the United States
Cybersecurity professional with extensive expertise in third-party risk management, governance, risk, and compliance (GRC), and implementing IT solutions aligned with ISO/IEC 27001:2022, NIST Cybersecurity Framework (CSF), and Risk Management Framework (RMF). Proven leader in developing and enhancing security frameworks, managing vulnerabilities, and optimizing risk management dashboards for improved visibility and proactive risk mitigation. I have performed over 800 third-party assessments globally, ensuring compliance with evolving standards and mitigating risks for financial service providers.
As an ISC² and ISACA-certified instructor, I have successfully trained hundreds of professionals to achieve industry-recognized certifications, including CISSP, CISA, CRISC, and GIAC. My expertise extends to integrating security practices into engineering operations, mentoring teams, and cultivating security-aware cultures to safeguard critical information assets. Skilled in designing and implementing technical controls, I have led initiatives in vulnerability management, secure server configuration, and compliance audits to align cybersecurity strategies with organizational objectives.
With experience auditing data centers in accordance with TIA-942 and Uptime Tiering Standards, I have also led Help Desk and Network Operations Centers in regional data centers, ensuring operational excellence and adherence to best practices. Main certifications include CISSP, CISA, CRISC, and GIAC, reflecting a strong foundation in cybersecurity management, risk assessment, and compliance.
Known for strong communication skills, a collaborative approach, and a commitment to exceptional customer service, I thrive in dynamic, high-stakes environments. My efforts consistently deliver high-impact results, driving innovation and elevating security practices to ensure the confidentiality, integrity, and availability of digital systems.