Software Engineer · Application Security & AI Systems

David
Builds & Breaks

Full-Stack Engineer moving into Application Security. Shipping web systems with security as a design input, not an afterthought.

Explore my journey GitHub

Career

Experience

2026

Materiales La Bodega

Full Stack Engineer

Mar 2026 - Apr 2026

Owned and scaled a production retail platform for a hardware business, processing ~$1.5M COP/day in transactions across e-commerce and physical store operations.

NextJSPostgreSQLPrismaSupabaseTailwindZustand

2025

Tambora

Front End Developer

Jul 2025 - Sep 2025

Migrated business critical legacy modules from jQuery to React, achieving a 40% reduction in bundle size and decreasing technical debt by consolidating logic into a modular, Atomic Design component library.

ReactAzureTypeScriptTailwind

2024

Started my engineering journey

Web Developer

Feb 2024

Begun my journey in web development pursuing a degree in Computer Science, learning fundamental concepts and technologies to build modern applications.

JavaScriptReactSQL

About

Who I am

David portrait

I'm a Full-Stack Engineer from Pereira, Colombia, focused on Application Security and the reliability of modern web systems. I build end-to-end, React and Next.js on the front, Node, TypeScript, and PostgreSQL on the back, with attention on the layer where working code becomes a security risk.

I approach development with a security-first mindset: threat modeling features before they ship, using the OWASP Top 10 as a baseline, and validating systems through offensive testing. I actively train on platforms like TryHackMe and PortSwigger Web Security Academy to understand how real attacks work and how to prevent them.

I'm particularly interested in securing AI-integrated applications as they introduce new attack surfaces beyond traditional web security.

Open to Software Engineer and junior Application Security roles — remote or relocation to Germany or the US. English C1, German A1 and improving.

Pereira, Colombia
2023 Building since
AppSec Focus area
EN / DE C1 / B1
EU · US Open to relocate

Expertise

Skills

AI & Agents

Claude APIOpenAIGeminiAI AgentsMulti-agent OrchestrationAgentic SystemsMCP ServersRAGLLM IntegrationSSE StreamingTool-use PatternsHugging FaceVector EmbeddingsPrompt EngineeringFine-tuning

Backend

Node.jsNestJSTypeORMEvent-Driven ArchitectureMicroservicesRESTful APIsWebSocket

Frontend

ReactNext.jsAstroReduxRedux ToolkitRTK QueryTailwindCSSFramer MotionThree.jsFlutter

Databases

PostgreSQLMySQLRedis

DevOps & Cloud

DockerAzureAWSCI/CDNginxDigitalOceanVercel

Languages

TypeScriptPythonSQLC#C++

APIs & Tools

StripeGitGitHubPrisman8nPostmanSwaggerLinux

Work

Projects

PairCode AI

AI-driven collaborative coding workspace

Secure real-time collaborative system with verified identity, access control, and hardened communication layer

Next.jsPostgreSQLPrismaWebsockets

MacOS Portfolio

Portfolio site as a MacOS app

Built an interactive portfolio that mimics a real OS experience: macOS-style desktop windows on desktop and iPhone-style full-screen apps on mobile

TypeScriptReactZustandGSAP

Kanby

Kanban app for collaborative work

Collaborative Kanban app where teams can organize work with boards, lists, and drag-and-drop cards.

TypeScriptNext.jsPostgreSQLPrismaSSE

Get in touch

Let's build something

Open to Software Engineer and junior AppSec roles — remote, or relocating to Germany or the US. If you're hiring for security-minded developers, let's talk.

Or reach me directly