Manohar Vijai
Vulnerability Management Specialist
About
Results-driven Vulnerability Management Specialist with 5+ years of experience securing enterprise environments across on-premises and cloud infrastructures. Proven expertise in managing the full vulnerability lifecycle—discovery, assessment, prioritization, remediation, validation, and reporting—using tools like Qualys VMDR, Nessus, Splunk, and ServiceNow. Performed web application vulnerability validation using Burp Suite, identifying issues such as XSS, SQL injection, and authentication weaknesses before coordinating remediation with application teams. Demonstrated success in achieving >95% SLA compliance, supporting ISO 27001, PCI-DSS, and HIPAA audits, and mitigating risk through strategic prioritization (CVSS, EPSS, CISA KEV). Skilled in responding to zero-day threats, implementing compensating controls for legacy/EOL systems, and delivering executive dashboards, SLA breach trackers, and audit-ready evidence packs.
Skills & Expertise (26)
Work Experience
Vulnerability Management Specialist
HTC GLOBAL SERVICES PVT LTD
Oct 2024 - Present
Managed vulnerability lifecycle across 200+ servers & 800+ endpoints with Qualys VMDR. Performed weekly external and monthly internal scans using Qualys VMDR (authenticated, unauthenticated, patch validation, compliance.) Prioritized vulnerabilities using CVSS, EPSS, CISA KEV, and asset criticality, achieved >95% SLA compliance. Coordinated emergency patching & CAB change requests for zero-day vulnerabilities. Validated web application vulnerabilities using Burp Suite, testing for OWASP Top 10 issues such as XSS, SQL Injection, and authentication flaws. Reduced false positives by 30% through QID suppression & manual verification. Delivered monthly and quarterly executive dashboards to CISO and GRC teams, highlighting SLA trends, remediation progress, and exception status to drive informed risk decisions and compliance alignment. Implemented vulnerability workarounds and compensating controls including firewall ACLs, WAF rules, and SIEM detection rules for legacy and end-of-life systems to mitigate risk and maintain compliance. Acted as SME during audits, providing evidence for patch compliance, risk acceptance, and exception handling.
Security Engineer
Publicis Sapient Pvt Ltd
Aug 2024 - Oct 2024
Perform vulnerability assessments using tools such as Tenable Nessus and analyse scan results. Validate vulnerabilities, remove false positives, and prioritize risks using CVSS and exploitability factors. Support SecOps and Incident Response teams by correlating vulnerabilities with security events.
Application Support Engineer
VIPRA INFOTECH PVT LTD
Aug 2019 - Jul 2024
Assisted in Nessus & OpenVAS scans, supporting PCI-DSS compliance reporting. Tracked remediation progress via tickets and followed up with IT teams. Documented CIS baseline configurations for Windows & Linux systems. Provided L1/L2 server support, escalating unresolved security issues to the VM team.
Education
B.Sc. Information Technology - Sabarmati University
2012 - · Afghanistan
Certifications
No certifications added yet
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation
Skills (26)
Click a skill to find developers with the same skill
Similar Profiles
Siddh Patel
Vulnerability Assessment and Penetration Testing (VAPT) professional
Tamilselvan S
Ethical Hacker / Penetration Tester (Pen Tester) / Offensive Security Specialist / Vulnerability Assessment & Penetration Tester (VAPT Engineer)
Ali Anas
Vulnerability Assessor / Penetration Tester
Sofia Dhingra
Vulnerability Management Analyst