#1
What I'm doing
I build and operate secure, production-grade platforms — Kubernetes, cloud, and the automation and guardrails that keep them reliable. I also run humble-jungle.com — a live private cloud, as public proof of work. I’m also on the team at Lokey, an open-source, EU-hosted True Randomness-as-a-Service project (DevOps & integrations).
Kubernetes Platforms
I build and operate secure Kubernetes platforms — not just deploy apps to them. EKS, K3s and RKE2/Rancher across AWS, Hetzner and OpenStack: ingress and the Gateway API, Helm, autoscaling, and zero-downtime and blue/green rollouts on platforms teams can actually ship on.
Infrastructure as Code & GitOps
Everything as code. Terraform and OpenTofu with reusable modules, Ansible, and disciplined drift control. Git is the source of truth: Argo CD reconciles infrastructure and application state, while CI (GitLab, GitHub Actions) builds, tests and scans every artifact on the way to production.
Observability & SRE
Production feedback loops, not just dashboards. Prometheus, Grafana, Loki and ELK/OpenSearch with meaningful alerting, runbooks and SLOs — plus the incident response and reliability work that keeps customer-facing systems stable around the clock.
Security & Compliance
Secure-by-default platforms. Identity and secrets (Vault, IAM, KMS, OIDC/Keycloak), policy-as-code (OPA), hardened nodes (CIS benchmarks, SELinux/AppArmor), scanned images and supply-chain integrity (Trivy, SBOM, Harbor), and full audit trails — built for regulated, GDPR / FINMA-style environments.
#2
Technologies & Tools
I've Mastered
…throughout my diverse IT career and educational journey.
Authentication Protocols
• 2FA
• Kerberos over TLS
• LDAPS
• Legacy (PAP, CHAP, MS-CHAP, MSNT)
• Radius
• RSA-ACE SecurID
Automation / CI-CD / GitOps
• Terraform · OpenTofu • Ansible • Argo CD (GitOps) • GitLab CI · GitHub Actions · Bitbucket Pipelines • Jenkins • AWS CDK (Python) • Harbor · AWS ECR
Containers & Kubernetes
• Kubernetes (EKS · K3s · RKE2 / Rancher) • Gateway API · NGINX Ingress / Plus • Helm · Argo CD • Cilium / Calico • Docker (ECS · Fargate) • autoscaling, blue/green, zero-downtime
Databases
• PostgreSQL · MySQL • AWS RDS (Aurora) · DynamoDB • Redis · ClickHouse • Cassandra / DataStax • MS SQL Server
Linux
• Arch Linux
• Alpine Linux (Docker)
• Amazon Linux / Cent OS / Red Hat Enterprise Server
• Debian / Ubuntu / Trisquel
• Kali Linux
• Qubes OS
Messaging/Streaming
• AWS: ActiveMQ, Kinesis, SQS
• Kafka
• RabbitMQ
Observability / Log Processing
• Prometheus · Grafana • Loki · ELK / OpenSearch • AWS CloudWatch · Config · Security Hub • Nagios · New Relic • alerting, runbooks, SLOs
Network
• Dynamic Routing (OSPF, RIP, BGP)
• IEEE 802.x Common Standards (Link Aggregation, VLAN, etc.)
• Planning of Network Infrastructure
• SIP
• Subnetting, VLAN, Switch Configuration, Routing
Programming and Scripting Languages
• Bash
• HTML/CSS
• Java*
• JavaScript
• JSON, XML, YAML
• Pascal*
• PHP*
• Python
• SQL
*not active anymore since a while
Storage
• AWS: S3 · EFS · FSx • MinIO (S3-compatible) • NFS · SMB · iSCSI
Security / DevSecOps
• Vault · AWS IAM · KMS • OIDC / Keycloak · SSO • OPA (policy as code) • Trivy · SBOM · Harbor (image supply chain) • CIS benchmarks · SELinux · AppArmor • AWS: CloudTrail · GuardDuty · Inspector · Macie · Shield • PKI / TLS · GPG · LUKS / TPM • GDPR / FINMA-style compliance
VPN Protocols
• IPSec IKEv1, IKEv2 (C2S, S2S, Xauth, CA, etc.)
• L2TP/IPSec
• TINA
Webservers/Application Server
• Apache HTTP Server, Tomcat
• IIS
• NGINX
• JBOSS / WildFly
Detail-oriented IT professional with overall 16 years experience
#3
Experience
Six years of experience in a Firewall and Network Security, seven years in DevOps and Cloud Engineering, two years in IT-Services and Web-Development.
Professional career
A high-level overview of my IT career,
tracing its beginnings in 2010 to the present.
Technical Support Agent
Barracuda Networks AG
1st – 3rd Level-Support of customers worldwide.
Network analysis and troubleshooting.
Processing of complex support requests.
Solved over 2200 Technical Support Cases.
Software QA Engineer
Barracuda Networks AG
Plan, design, create and execute white-box, black-box and integration test scripts and test plans.
Run acceptance tests, verify defects and imbalances reported by outside groups, and validate bug fixes.
Self-employed
Crea Dupe e.U.
Filmproduction.
Self-employed
B.START e.U.
Film & Animation Video Production.
IT-Services (Infrastructure, Networking, O365 Rollouts).
Web development (Full-stack, JS, PHP, Wordpress plugin development).
Infrastructure & Communication Specialist
SWARCO AG
IT-Infrastructure Projects coordination and steering, ensuring stable operation in the data-center.
Administration of MS Sharepoint, MS WSUS and Norton AV Enterprise.
Lead Cloud Engineer
INNIO Jenbacher GmbH & CO OG
Design, maintain and enhance the infrastructure including the security layers for a scaled and highly available cloud-based IoT platform hosted on Amazon Web Services (AWS) using cutting edge infrastructure-as-code software tools.
Define monitoring alarms and standard-operating procedures (counter measures).
Lead continuous improvements on cloud infrastructure and monitoring system.
Operate cloud infrastructure as a Level 3 support engineer, guide the 24/7 Level 1 and Level 2 support teams.
Lead the research and evaluation of market trends in cloud technologies to shape the technology roadmap.
DevOps Cloud Engineer
Ventx GmbH
CI / CD implementations.
Creation of infrastructure as code.
Consulting of projects in the field of IT infrastructure.
Senior Site Reliability Engineer
Inventx AG
Site reliability engineering for a leading Swiss IT provider to the banking and insurance sector.
Kept business-critical banking applications stable and performant around the clock.
Infrastructure automation with Ansible; observability, dashboards and alerting with Grafana on Linux.
DevOps / Platform Engineer · System Architect · Security Analyst
clavis IT ag
Multiple concurrent client projects across three hats: platform engineering, system architecture and security.
Kubernetes platforms and GitOps delivery, applied-AI systems, and security analysis & hardening across the stack.
Architecting and operating cloud and on-premise environments end to end.
