Divya Rani — DevOps Engineer

Senior Vulnerability/Exposure Management Engineer | RBVM | Cloud Security (Qualys , Tenable ,Wiz, Microsoft Defender for Cloud & AWS security Hub) | Risk Mitigation Specialist I don’t just find vulnerabilities; I partner with organizations to solve them. With over 10 years of experience across Infrastructure, Cloud, and Application Security, I specialize in transforming high-volume security "noise" into actionable risk reduction. I bridge the gap between scanning and actual remediation by providing technical teams with the specific context, tooling, and urgency required to harden the environment effectively. My expertise lies in building Risk-Based Vulnerability Management (RBVM) programs. I have a proven track record of managing the end-to-end vulnerability lifecycle—from asset discovery and agent deployment to Patch Tuesday orchestration and CISA KEV alignment—ensuring that security is a continuous process rather than a point-in-time check. Key Areas of Impact • Cloud & Hybrid Security • Web Application Security (WAS): Proactively identifying vulnerabilities in public-facing and internal applications. I utilize Qualys WAS and OWASP Top 10 frameworks to detect and mitigate risks like SQLi, XSS, and broken authentication before they are exploited. • Strategic Prioritization: Moving beyond "CVSS 7+" by utilizing threat intelligence and SSVC/EPSS scoring to focus resources on the vulnerabilities that pose the highest actual risk to the business. • Stakeholder Alignment & MTTR: Collaborating directly with IT and Engineering teams to streamline patching workflows, reduce Mean Time to Remediate (MTTR), and manage security exceptions. • Compliance & Governance: Driving PCI-DSS and policy compliance through automated auditing and rigorous zero-day response protocols. Technical Toolkit • Vulnerability Management: Wiz, Qualys (VMDR/WAS/PC), Tenable.io • Application Security: Web Application Scanning (WAS), OWASP Top 10. • Frameworks & Intelligence: RBVM, NIST, CISA KEV, SSVC, EPSS. • Response & Operations: Zero-Day Incident Coordination, Patch Tuesday Orchestration, GSOC Recommendations, Email Security/Phishing Analysis. I thrive on building real-time dashboards that provide visibility to leadership while providing "boots on the ground" technical support to the teams doing the remediation. CERTIFICATIONS Certified with CompTIA security A+ from Pearson VUE Certified Ethical Hacker (CEH) from EC council. QUALYS Vulnerability Management Specialist certified.

Stackforce AI infers this person is a Cloud Security and Vulnerability Management expert with a focus on enterprise risk reduction.

Location: Abu Dhabi, United Arab Emirates

Experience: 9 yrs 6 mos