• Automate infrastructure configuration and management using Ansible.
• Provision cloud infrastructure leveraging Terraform for efficient automation.
• Led the full migration of legacy applications (windows server base) from on-premises to HetznerCloud.
• Develop and implement comprehensive backup and disaster recovery plans.
• Configure and deploy HashiCorp Vault on HetznerCloud as a centralized secrets management solution.
• Design and implement a complete CI/CD pipeline within Bitbucket.
• Leading team, defining epics, user stories, and milestones.
• Dockerize and migrate a legacy application to Azure AKS (Daimler Truck – consulting).
• Deploy and configure ArgoCD and Kubernetes dashboard on AKS cluster (T-systems – consulting)
• Defined and designed the overall project infrastructure architecture.
• Conducted security assessments and implemented countermeasures for enhanced protection (Daimler Truck – consulting).
• Revamping a legacy CI/CD pipeline shell based into bitbucket pipeline.
• Handling web applications certificate using LetsEncrypt.

• Automate routine tasks using Ansible, Molecule, and Rundeck for improved operational efficiency.
• Implement Redis and configure Redis Sentinel for automatic failover management.
• Monitoring tools implementation: Grafana, Prometheus and Prometheus exporter
• Backup and restore solution using Restic/Resicprofile and AWS S3-bucket.
• Manage hostname resolution with Consul (HashiCorp) as a DNS solution.
• Manage GitHub Actions for automatic deletion of stale branches.
• Leverage Terraform and CloudFormation for provisioning AWS resources.
• Implement and integrate Kafka Avro data consumer, ensuring efficient data storage within databases.
• Deploy and configure Keycloak for Single Sign-On (SSO) functionality.

• Led SWAT operations in high-risk situations, including hostage rescues, armed standoffs, and counter-terrorism missions.
• Developed and implemented tactical plans tailored to specific scenarios, ensuring the safety of hostages, civilians, and law enforcement personnel.
• Conducted specialized training for SWAT team members in firearms proficiency, close-quarters combat, tactical movement, and hostage negotiation.
• Coordinated with local, state, and federal agencies to support joint operations and enhance interagency cooperation.
• Provided expertise and assistance in the planning and execution of high-profile security details for visiting dignitaries, VIPs, and major events.

• Led SWAT operations in high-risk situations, including hostage rescues, armed standoffs, and counter-terrorism missions.
• Developed and implemented tactical plans tailored to specific scenarios, ensuring the safety of hostages, civilians, and law enforcement personnel.
• Conducted specialized training for SWAT team members in firearms proficiency, close-quarters combat, tactical movement, and hostage negotiation.
• Coordinated with local, state, and federal agencies to support joint operations and enhance interagency cooperation.
• Provided expertise and assistance in the planning and execution of high-profile security details for visiting dignitaries, VIPs, and major events.

Redesign and migration of the TIM-VIP application from a desktop to a web application. Responsible for planning and designing the entire infrastructure architecture of the project.

Utilized Harbor as an image registry and Nexus as a binary artifactory, both deployed on Hetzner Cloud, with proper role and permission configurations to enhance security. Implemented CloudBeaver for cloud-based database access.

Containerized the application, developed with Spring Boot and ReactJS, using PostgreSQL as the database. Set up the CI/CD pipeline on Bitbucket. Provisioned instances on Hetzner using Ansible and Terraform.

Setup and commissioning of an operational environment in the TSAC environment. Creation of Kubernetes/Helm charts, setup of the build pipeline, and GIT integration.

Establishment of continuous versioning (GIT, Maven, Container, Image Deploy). Coordination with the customer to request all necessary approvals, permissions, and security objects. Monitoring cloud roadmaps.

Participation in security measures by reviewing and contributing to security countermeasures on the SD Elements platform.

Migration and redesign of the architecture of the on-premise application TV24 to Hetzner Cloud. Complete renovation and reengineering of the architecture, along with the implementation of new security measures.

Deployment of the application on cloud-based Windows servers with secure customer access via the SSH-SFTP protocol. Setup of a VPN connection to protect data traffic and ensure secure remote access. Configuration of a firewall for additional infrastructure security.

Migration and containerization of a native PHP and ReactJS application on AWS. Dockerization of the application and deployment on AWS EKS (Kubernetes).

Implementation of Infrastructure as Code (IaC) using Pulumi/Terraform and setup of CloudFormation for IAM roles and permissions. Establishment of a secure VPN connection for staging and production environments. Integration of Kafka with Avro format for data consumption. Configuration of SSO (Single Sign-On) with Keycloak for centralized authentication.

Setup and commissioning of an operational environment on AWS and Hetzner Cloud. Creation and automation of EC2 instances using Ansible and Molecule. Implementation of Consul (HashiCorp) and Redis Sentinel for service discovery and high availability.

Setup of a backup system for the GitHub organization using Restic and Restic Profile, with backups stored in S3 buckets. Utilization of Hetzner Cloud for the Userlike project.

Setup and commissioning of an operational environment in the TSAC ecosystem. Creation of Kubernetes/Helm charts, setup of the build pipeline, and GIT integration. Establishment of continuous versioning across GIT, Maven, container images, and deployments.

Collaboration with the customer to request all necessary approvals, permissions, and security objects. Monitoring of cloud roadmaps.

Commissioning of the new environment (TSAC), including migration from DHC. Adaptation of the Kubernetes API due to deprecations (the target version no longer supports all previous functions). Refinement of the CI/CD pipeline and introduction of encrypted passwords in GIT using KubeSeal.

Collaboration with the customer to request all necessary approvals, permissions, and security objects. Reverse engineering of the application to determine required Kubernetes configurations. Monitoring of cloud roadmaps.

DevOps and CI/CD for two services to enable high-performance media delivery. A set of REST services can be used by consumers for management. The service is part of a microservice architecture and is deployed on separate Kubernetes clusters in the IBM Cloud and the DHC (customer cloud).

Responsibilities include creating and securing Helm charts and Kubernetes objects, integrating security infrastructure, monitoring/logging, and overseeing cloud roadmaps.

• RPI image creation
• Google Kubernets engine
• Docker.
• Smart energy meter solution (Dashboard MERN).
• Prototyping embedded system.
• Scrum and agile methodology.

• Frontend/ backend developer using Django / Flask.
• Conception of an embedded prototype.
• IoT technology.

Please feel free to check the new section on my website BLOG. Press the link button to go to BLOG.