Nicole Mariane Arias Barrantes
Security Engineer
San José
Summary
Cybersecurity Engineer specialized in Application Security, with experience in penetration testing, and vulnerability assessment. Skilled in identifying, analyzing, and mitigating security risks throughout the software development lifecycle (SDLC). Strong focus on threat research, development of technical documentation, and implementation of security policies and procedures. Proven ability to conduct security audits, perform code reviews, execute dynamic and static testing (DAST/SAST), and collaborate with development teams to enhance application security posture.
Overview
11
11
years of professional experience
2012
2012
years of post-secondary education
2
2
Languages
Work History
Senior Application Security Engineer Fortify DAST
OpenText (Formerly Micro Focus)
10.2018 - 04.2025
- Achieved Top Performance in 2023 for the Dynamic Security Team Americas, which includes engineers from the United States and Costa Rica.
- Participate in the vulnerability management process by identifying, evaluating, and reporting vulnerabilities on customer websites, applications and API.
- Knowledge of security standards: OWASP, PCI-DSS, NIST, ISO/IEC 27001.
- Proficiency with vulnerability scanning and management tools like Fortify WebInspect, Fortify SSC and Fortify SCA.
- Understanding programming codes such as Python, JavaScript, Java, HTML.
- Performed web application security quality reviews and audits focused on identifying false negatives and validating true positives in threat detection.
- Perform remediation reviews to confirm that identified vulnerabilities have been effectively mitigated by checking evidence and performing new technical verification to ensure changes comply with security standards.
- Conduct manual penetration testing, specializing in identifying threats in processes such as authentication, session management, business logic, input validation, and access control.
- Work with security tools like NMAP, BURP Suite, Sslyze, SQLmap, Postman and others.
- Develop documentation and reports, including descriptions of identified vulnerabilities, supporting evidence, and reproduction steps for each vulnerability, along with proof of concept.
- Provide remediation guidance with business impact to facilitate efficient resolutions for our customers.
- Create internal documentation for the team detailing vulnerabilities, reproduction steps, labs, examples, and more.
- As the Costa Rica team leader, empower other testers to achieve high-level vulnerability testing and serve as a mentor and coach for new security engineer hires.
Fortify Security Support Engineer
Hewlett Packard Enterprise
10.2014 - 10.2018
- I handled and resolved technical issues in the Fortify Suite (SCA, SCC, SAST, DAST Web Inspect) for Level 1 and Level 2 engineers, including troubleshooting and plugins configuration.
- I performed vulnerability scans with the tenant, helped identify and classify vulnerabilities, and provided recommendations for remediation.
- I mentored and trained new hires and created technical documentation.
- I was involved in the tenant patching process, as well as servers' application upgrades and related issues.
- I also reported enhancement requests and defects to the Fortify R&D team.
Education
Bachelor's degree - Telematic Engineering
Universidad Latina De Costa Rica
01-2012
Post grade, licentiate degree - Information Technology Administration and Management
Universidad Latina de Costa Rica
Skills
- Vulnerability assessment
- Proactive vulnerability identification
- Web application security review
- Compliance audit
Certifications And Courses
- Certificate Ethical Hacker, EC Council, San José, San José, ECC7624158309, Active
- Penetration Tester Professional Course, EC Council, 08/01/22
- Python Programming Course, University of Costa Rica, 01/01/25
Timeline
Senior Application Security Engineer Fortify DAST
OpenText (Formerly Micro Focus)
10.2018 - 04.2025
Fortify Security Support Engineer
Hewlett Packard Enterprise
10.2014 - 10.2018
Post grade, licentiate degree - Information Technology Administration and Management
Universidad Latina de Costa Rica
Bachelor's degree - Telematic Engineering
Universidad Latina De Costa Rica
Similar Profiles
Lokesh BhasinLokesh Bhasin
Customer Success Manager at Micro FocusCustomer Success Manager at Micro Focus
Faskal JamesFaskal James
Sales Operations Analyst at Rocekt Software / Opentext / Micro FocusSales Operations Analyst at Rocekt Software / Opentext / Micro Focus
Jalila SakaanJalila Sakaan
Regional sales manager at Micro Focus (OpenText)Regional sales manager at Micro Focus (OpenText)