SAMUEL
UMAR
I build the web.
I protect it too.
I protect it too.
WEB DEVELOPER · APPSEC ENGINEER
7 YRS CRAFTING · 7 YRS SECURING
7 YRS CRAFTING · 7 YRS SECURING
SU
FOLIO
WHO I AM
GET IN TOUCH
MY WORK
HOME
S
— 01 / ABOUT
Builder.
Protector.
Creator.
Protector.
Creator.
I'm Samuel Umar — a web developer and application security engineer with 7 years on both sides of the stack. I build polished, high-performance websites and secure them against real-world threats. Every site I ship, I also harden.
My AppSec work is grounded in the OWASP Top 10 — from hands-on vulnerability simulations to full security audits. The rare combination of builder and protector means clients get sites that are beautiful and bulletproof.
My AppSec work is grounded in the OWASP Top 10 — from hands-on vulnerability simulations to full security audits. The rare combination of builder and protector means clients get sites that are beautiful and bulletproof.
HTML / CSS / JS
REACT / NODE.JS
OWASP TOP 10
PEN TESTING
UI / UX · FIGMA
7+
YRS WEB DEV
7+
YRS APPSEC
100%
BUILT & SECURED
01
City Church Alpharetta ↗
Full church website for a welcoming North Atlanta community. Live streaming, events, app integration — a complete digital home for the congregation.
02
OWASP Secure Platform ↗
Full-stack educational web app — interactive tools for learning, demoing and quizzing on the OWASP Top 10 vulnerabilities.
03
This Portfolio
A horizontal-scroll, animated orbit portfolio — designed from scratch to be as distinctive as the work inside it. Built and secured, end to end.
04
OWASP Secure — AppSec Engine ↗
Real-world vulnerability simulations covering the OWASP Top 10. Hands-on demos, quizzes, and structured learning paths for security professionals.
05
Penetration Testing
Full pen testing and vulnerability assessments for client web platforms. Identifying and patching OWASP Top 10 vulnerabilities before they become breaches.
06
Secure-by-Design Builds
Every site I deliver is hardened from day one — secure headers, input validation, auth best practices, and OWASP-aligned threat modelling built in, not bolted on.
LET'S
BUILD.
BUILD.
— 03 / CONTACT
Let's build
something.
something.
Need a website, a security audit, or a build that's both? 7 years on each side of the stack.
AVAILABLE FOR WORK
Open to freelance projects, full-time roles, and security consulting. Based in Atlanta, GA — working globally.
SPECIALTIES
01Custom website design & development
02Web application security audits
03OWASP Top 10 vulnerability assessment
04Secure-by-design full-stack builds
05Penetration testing & hardening