Security & AppSec Engineer
Securing the software supply chain
I build real security tooling — from supply-chain defense to threat detection — backed by tests, CI, and strict typing.
About

Security & AppSec Engineer | Supply-Chain Security & Threat Detection
Advanced Systems & Software Engineering student (UPB, 7th semester), early-career — I ship real tools.
I'm a 7th-semester Systems & Software Engineering student at UPB (Bucaramanga) who operates at an engineering level rather than a findings level. I build production-grade security tools with tests, CI pipelines, and strict typing — not just reports. My flagship project, SlopGuard, addresses slopsquatting: the emerging attack surface where LLMs suggest non-existent package names and attackers pre-register them with malicious code. The tool runs a 5-layer detection engine with zero runtime dependencies, covering PyPI and npm, with CLI, pre-commit, GitHub Action and self-hostable SaaS frontends. I also have hands-on experience with mobile app hardening, TOTP 2FA, secure storage, and real-time network monitoring. Verified C2 English (EF SET 80/100). Available for remote collaboration.
- johan.rc2020@gmail.com
- GitHub
- CV
- C2 — EF SET 80/100
Featured work
View all projects →Let's work together
I'm open to security & engineering roles, remote-first. Tell me what you're building.
Get in touch →