# Ibraheem Uthman > Software and security engineer in Abuja, Nigeria. Full-stack engineering, DevSecOps, detection engineering, and cloud security. Ibraheem Uthman is a software & security engineer based in Abuja, Nigeria. He builds full-stack systems, secure APIs, and detection pipelines. Primary contact: hello@ibraheemuthman.com. ## Identity - Name: Ibraheem Uthman - Role: Software & Security Engineer - Location: Abuja, Nigeria - Email: hello@ibraheemuthman.com - Website: https://www.ibraheemuthman.com - Portrait: https://www.ibraheemuthman.com/images/ibraheem-uthman-og.jpg ## Main pages - [Home](https://www.ibraheemuthman.com/): Home — software and security engineering portfolio - [About](https://www.ibraheemuthman.com/about): Background, experience, principles, and how I work - [Services](https://www.ibraheemuthman.com/services): Full-stack engineering, API design, DevSecOps, detection engineering, cloud security, penetration testing - [Project](https://www.ibraheemuthman.com/project): Selected projects in software, fintech, literary publishing, and security - [Blog](https://www.ibraheemuthman.com/blog): Writing on payments, CI/CD, detection engineering, failure modeling, and system design - [Contact](https://www.ibraheemuthman.com/contact): Get in touch for engineering or security work ## Projects - [SUBMIRAN](https://www.ibraheemuthman.com/project/submiran): A literary submission platform for magazines, presses, and writers. Reading periods, blind review, and clear responses in one place. - [ARGON](https://www.ibraheemuthman.com/project/argon-intelligence): A multi-platform intelligence stack for Argon Analytics: public presence, institutional client portal, and internal operations admin. - [THE MAAR REVIEW](https://www.ibraheemuthman.com/project/the-maar-review): A digital literary journal for poetry, fiction, visual art, and non-fiction. Spotlight features, issue archives, and open submissions in one reading experience. - [SECURE CI/CD](https://www.ibraheemuthman.com/project/secure-cicd-pipeline): A pipeline that runs SAST, container scans, and secret detection on every merge without blocking velocity. - [MINI SOC LAB](https://www.ibraheemuthman.com/project/security-monitoring-lab): An enterprise security monitoring lab with Wazuh, Elastic, and Suricata for detection engineering practice. - [AWS ASSESSMENT](https://www.ibraheemuthman.com/project/aws-cloud-assessment): A cloud security assessment covering GuardDuty, CloudTrail, and IAM hardening across production accounts. ## Blog - [MODEL FAILURE BEFORE HAPPY PATH](https://www.ibraheemuthman.com/blog/model-failure-before-happy-path): Why I sketch outage scenarios and permission leaks before writing the first endpoint in a new system. - [WHY IDEMPOTENCY MATTERS IN PAYMENTS](https://www.ibraheemuthman.com/blog/why-idempotency-matters-in-payments): Duplicate webhooks and retry storms are normal in fintech. Here is how idempotency keys keep money from moving twice. - [BUILDING A DETECTION PRACTICE](https://www.ibraheemuthman.com/blog/building-detection-engineering-practice): How I structure detection engineering mentorship so practitioners ship their first rule within a week. - [SECURE CI/CD WITHOUT DRAG](https://www.ibraheemuthman.com/blog/secure-cicd-without-slowing-teams): How to run Semgrep, Trivy, and Gitleaks on every merge while keeping deploy cycles under fifteen minutes. ## Social profiles - GitHub: https://github.com/ib-uth - LinkedIn: https://linkedin.com/in/ibraheem-uthman - Twitter/X: https://x.com/IbraheemUthman_ - Instagram: https://instagram.com/i.uthmaan ## Optional - [Sitemap](https://www.ibraheemuthman.com/sitemap.xml): machine-readable list of all public URLs - [Humans.txt](https://www.ibraheemuthman.com/humans.txt): site credits and contact - [Security.txt](https://www.ibraheemuthman.com/.well-known/security.txt): security contact information