freiberufler Solutions Architect | Cloud Engineer | IaC Pioneer | DevOps Specialist auf freelance.de

Solutions Architect | Cloud Engineer | IaC Pioneer | DevOps Specialist

offline
  • 115‐145€/Stunde
  • 22848 Norderstedt
  • Nähe des Wohnortes
  • de  |  en
  • 14.03.2023

Kurzvorstellung

Dynamic IT engineer with a focus on infrastructure, passionate about automation, standardization, and extracting the maximum performance of any available resources.

Qualifikationen

  • Cloud (allg.)
  • DevOps
  • Infrastrukturarchitektur
  • Netzwerkarchitektur
  • System Architektur

Projekt‐ & Berufserfahrung

DevOps Consultant
e*Message Deutschland, Hamburg
11/2022 – 1/2023 (3 Monate)
Telekommunikation
Tätigkeitszeitraum

11/2022 – 1/2023

Tätigkeitsbeschreibung

Developed and implemented a log event transmission strategy for non-standard log files, converting the logs into a contemporary format and sending them to Graylog via fluentd and multiline(RegEx), ensuring effective log management and analysis.

Provided guidance to internal staff and collaborated on the development of GROK patterns within Graylog, enabling the mapping of logs processed by fluentd into usable and searchable attributes, facilitating effective log management and analysis.

Established Graylog pipelines that extracted values from message blocks based on regex and mapped them into usable and searchable attributes for developers, facilitating streamlined log management and analysis.

Eingesetzte Qualifikationen

DevOps

Azure Specialist
Berenberg, Hamburg
8/2021 – 3/2022 (8 Monate)
Banken
Tätigkeitszeitraum

8/2021 – 3/2022

Tätigkeitsbeschreibung

Achieved centralized control of the Azure enterprise landing zone by implementing a fully automated blue-green deployment strategy for a Terraform project, utilizing Azure DevOps CI pipelines.

Successfully planned and executed two major migrations of the Terraform module “terraform-azurerm-caf-enterprise-scale” which manages the Enterprise Landing Zone, adapting to the new handling procedures introduced in the latest versions, while also performing cleanup work to ensure the codebase was collaborative and dynamic.

Developed and implemented over 50 Azure Policies based on Berenberg’s regulatory guidelines, including BaFin, ensuring compliance with banking regulations, and enabling governance and compliance in the Azure Cloud through centralized deployment using Terraform.

Eingesetzte Qualifikationen

Cloud (allg.), Microsoft Azure

Cloud Engineer & Consultant
Statista, Hamburg
4/2021 – 3/2023 (2 Jahre)
IT & Entwicklung
Tätigkeitszeitraum

4/2021 – 3/2023

Tätigkeitsbeschreibung

Developed and implemented a versatile Terraform base for all product teams, prioritizing ease of use, flexibility, and multi-environment/region support, resulting in a widely adopted skeleton structure that enhances productivity and efficiency across teams.

Successfully designed, coordinated, and implemented an enterprise network topology on AWS using the HUB-Spoke strategy for centralized account connectivity, leveraging TransitGateway to manage traffic through route tables and firewall, and establishing seamless cross-regional communication among eu-central-1, us-east-1, and ap-southeast-1 with TransitGateway Global-Peering. Streamlined the entire project with Terragrunt for enhanced efficiency, resulting in a well-connected and automated network topology that meets business needs.

Developed and implemented a secure and accessible strategy for product teams to make changes to systems they don’t normally have direct access to, establishing a community organization for firewall, datadog, account management, and other areas with easy-to-use Terraform projects tailored to meet the needs of the teams without requiring a deep understanding of Terraform. Automated the entire process through Github Actions, and ensured every change was reviewed through a pull request by the Platform team, resulting in a streamlined and efficient system that promotes productivity and collaboration.”

Collaborated with the Platform team to identify areas for improvement and provided valuable advisory support in the creation of new organizational processes to enhance collaboration, resulting in a more cohesive team and improved productivity.

Successfully developed and implemented a Terraform project that effectively manages AWS firewall rules, overcoming the challenge of the AWS API’s lack of a process to remove a rule group from the AWS firewall policy before deletion. Developed a detach and attach rule group Terraform module that efficiently performs this task, and established the project as a community initiative, enabling product teams to easily adjust firewall rules through pull requests and reducing reliance on the platform engineering team, resulting in a more efficient workflow and enhanced productivity.

Played a key role in the successful implementation of a centralized logging and monitoring solution at Statista, leading the planning and coordination efforts in collaboration with Datadog to execute a proof-of-value (PoV) project that prioritized key elements such as terraform automation, single sign-on, logging, application performance monitoring, and tagging concepts. As a result of overseeing the PoV project and skillfully integrating the new solution with the entire Statista infrastructure, operational workflows were significantly streamlined, and monitoring capabilities were vastly improved.

Pioneered the development of a robust solution for the centralized provision of vital information required by every terraform or terragrunt project for AWS accounts. Recognizing that the platform team’s terraform/terragrunt projects for deploying the cloud framework required the same information, a comprehensive catalog was created that provides all necessary details such as naming conventions and network CIDR ranges, automatically generated for easy consumption by each terraform/terragrunt project. This solution successfully eliminated the need to manually add critical information to each project as the accounts expand, optimizing the efficiency of the cloud framework deployment process.

Eingesetzte Qualifikationen

Amazon Web Services (AWS), Cloud (allg.)

Azure DevOps Engineer
DAK-Gesundheit, Hamburg
3/2021 – 8/2021 (6 Monate)
Versicherungen
Tätigkeitszeitraum

3/2021 – 8/2021

Tätigkeitsbeschreibung

Provided support to developers in effectively utilizing Azure DevOps and managing access rights, ensuring streamlined project workflows and improved productivity.

Took charge of developing and modifying Azure DevOps Continuous Integration pipelines for applications and Hashicorp Terraform, ensuring reliable and efficient software delivery pipelines.

Collaborated on a joint pair review of Terraform code structure managed in Azure Cloud, providing analytical feedback that improved the quality and efficiency of the codebase.

Diagnosed and resolved Azure API Gateway issues that were causing delays for developers, discovering and reporting a bug that was acknowledged by Azure Support and ultimately fixed.

Eingesetzte Qualifikationen

Cloud (allg.)

Azure Cloud Architect
direkt gruppe GmbH ( Beiersdorf ), Remote
2/2021 – 4/2021 (3 Monate)
IT & Entwicklung
Tätigkeitszeitraum

2/2021 – 4/2021

Tätigkeitsbeschreibung

Conceptualized an enterprise landing zone strategy in Microsoft Azure, enabling centralized control over security, logging, monitoring, access rights, platform, and respective landing zones, while also ensuring seamless integration between them.

Developed and delivered workshops on Infrastructure-as-Code (Hashcorp Terraform), Azure Network Hub-Spoke topology, cross-regional IP address space calculation, and Azure landing zone for employees from the Cloud Competence Center and Network Administration departments at Beiersdorf, facilitating knowledge sharing and skill-building for these critical topics.

Conducted a review of existing cross-regional connections and connected the existing SD-WAN, ensuring seamless and efficient communication across all regions.

Eingesetzte Qualifikationen

Solution Architektur

DevOps Engineer
ACTINEO GmbH, remote
1/2021 – 3/2021 (3 Monate)
Versicherungen
Tätigkeitszeitraum

1/2021 – 3/2021

Tätigkeitsbeschreibung

Planned and implemented a repository for dot.net applications, based on nugget within the Gitlab server, enabling centralized sourcing of dot.net dependencies for various teams and enhancing collaboration and efficiency.

Created Gitlab CI pipelines for the creation of nugget artifacts, automatically storing them in the nugget repository with tests, dependencies, and semantic versioning, streamlining developers’ processes and saving valuable time.

Eingesetzte Qualifikationen

DevOps

DevOps Architect
pockid, Hamburg
11/2020 – 12/2020 (2 Monate)
Finanzdienstleister
Tätigkeitszeitraum

11/2020 – 12/2020

Tätigkeitsbeschreibung

Google Cloud

Eingesetzte Qualifikationen

Infrastrukturarchitektur

DevOps Engineer
Container xChange, Hamburg
8/2020 – 10/2021 (1 Jahr, 3 Monate)
IT & Entwicklung
Tätigkeitszeitraum

8/2020 – 10/2021

Tätigkeitsbeschreibung

Conducted analysis and evaluation of AWS infrastructure and software components to identify areas for cost reduction and potential security risks, implementing strategies to optimize efficiency and security.

Identified and addressed weaknesses in an Elasticsearch cluster, proposing immediate changes to improve stability and ensure data integrity, enhancing the overall performance of the system.

Presented a more efficient AWS cloud architecture by replacing self-hosted services with cloud services and isolating environments with different AWS organizations, resulting in improved scalability and cost savings.

Created guidelines for the use and development of Terraform automation scripts, ensuring consistency and standardization in code development and promoting best practices.

Eingesetzte Qualifikationen

DevOps (allg.)

DevOps Consultant
HegeConsult UG, Hamburg
8/2020 – 8/2020 (1 Monat)
IT & Entwicklung
Tätigkeitszeitraum

8/2020 – 8/2020

Tätigkeitsbeschreibung

Led the planning, conception, and implementation of a hybrid-cloud network solution using Microsoft Azure and Terraform, utilizing Azure resources including Express Route, Route Tables, Firewall Manager, Application Gateway, VPN, and the HUB-SPOKE network topology, resulting in a secure and efficient network architecture.

Designed a secure data traffic solution to manage traffic between the data center, cloud, and public endpoints in a controlled manner, ensuring data privacy and security while optimizing network performance.

Eingesetzte Qualifikationen

Microsoft Azure

Freelance Infrastructur Architect
SkillProjects GmbH, Hamburg
3/2020 – 9/2022 (2 Jahre, 7 Monate)
IT & Entwicklung
Tätigkeitszeitraum

3/2020 – 9/2022

Tätigkeitsbeschreibung

Developed a fully automated data center infrastructure architecture for various web systems using Ansible, optimizing system efficiency and reducing human errors.

Implemented a central monitoring and logging system based on DataDog, enhancing visibility and proactively identifying and addressing issues with custom checks for own developments and setting up notifications at different levels of criticality.

Planned and automated the implementation of patch management for Linux servers, enabling quick installation of security updates across all servers, enhancing security and minimizing vulnerabilities.

Implemented various security concepts to protect web servers against attacks, ensuring data privacy and system security.

Eingesetzte Qualifikationen

DevOps

Infrastructur Architect
SkillProjects GmbH, Hamburg
3/2020 – 9/2022 (2 Jahre, 7 Monate)
IT & Entwicklung
Tätigkeitszeitraum

3/2020 – 9/2022

Tätigkeitsbeschreibung

Developed a fully automated data center infrastructure architecture for various web systems using Ansible, optimizing system efficiency and reducing human errors.

Implemented a central monitoring and logging system based on DataDog, enhancing visibility and proactively identifying and addressing issues with custom checks for own developments and setting up notifications at different levels of criticality.

Planned and automated the implementation of patch management for Linux servers, enabling quick installation of security updates across all servers, enhancing security and minimizing vulnerabilities.

Implemented various security concepts to protect web servers against attacks, ensuring data privacy and system security.

Eingesetzte Qualifikationen

Infrastrukturarchitektur

IT Consultent
Parship Group, Hamburg
2/2020 – 6/2020 (5 Monate)
Dienstleistungsbranche
Tätigkeitszeitraum

2/2020 – 6/2020

Tätigkeitsbeschreibung

Delivered a Proof-of-Concept for Puppet, which enabled the Operations Team to test changes on their local machines before they are pushed to production through Jenkins Pipelines, increasing development velocity and failure tolerance.

Improved the existing Infrastructure as Code solution for Cloudflare, based on Terraform, by redesigning the code architecture to a modular basis, which minimized duplication and allowed reuse of Cloudflare resources. Created a golang program leveraging the Cloudflare API to dump manually created entries, converting them into a format importable into Terraform state files. These changes improved maintainability and usage of the Terraform runtime.

Implemented DNS Zone Forwarding to multiple Environments for services registered in environment-specific Consul clusters, making it possible for developers to use the Consul DNS to browse their environment-specific Services by knowing only the datacenter and service names.

Updated expired Intermediate CA Certificates on all Puppet-managed hosts and added the new certificates to the system and browser truststores in an automated way.

Planned capacity for a future Kubernetes Topology in accordance with the existing services and resources used on hypervisors.

Eingesetzte Qualifikationen

DevOps, IT-Beratung (allg.)

Senior Infrastructure Engineer (Festanstellung)
Deposit Solutions GmbH, Hamburg
11/2016 – 2/2020 (3 Jahre, 4 Monate)
Finanzdienstleister
Tätigkeitszeitraum

11/2016 – 2/2020

Tätigkeitsbeschreibung

Played a key role in the main automation project converting the infrastructure from a mainly manual maintenance state into a completed automated state using Saltstack and GitLab, joining the design sessions and being responsible for a sizeable part of the implementation effort, later taking over the responsibility for being the main driver of automation and testing for any expansions using tools like kitchen and InSpec and respecting a git-flow model, ensuring that a machine park with more than 300 hosts is completely managed through an automated and audited interface.

Successful proof-of-concept of a monitoring solution for MySQL databases based on Prometheus, Grafana, and related exporters. This solution enabled developers to find inconsistencies amongst database schemas and Infrastructure engineers to adjust and enhance the database performance.

Creation of a new segregated environment standard to run the company's applications, covering different roles such as web servers, backend servers, and batch job servers backed by a set of reusable Ansible deployment scripts.

Successful migration of the company hypervisor technology from VMWare to Proxmox, greatly enhancing the automation capabilities of the platform and making it possible to run applications with LXC container technology.

Design and implementation of a new load balancing architecture for dynamic request routing based on consul, consul-template, and nginx. This new architecture enabled central log aggregation,
TLS-secured connections and dynamic routes based on service registration information stored from the Consul service catalog.

Development of a new set of guidelines for service registration and discovery in the company, together with automation systems for Consul and Consul Template management using SaltStack, including enhancements to the core states and modules for Consul.

Rollout of a new Docker Registry based on Gitlab EE together with an S3 backend with controlled access and encryption using in-house certificates. Provided documentation and examples for the internal teams to migrate to the new solution.

Setup of a new test infrastructure based on Gitlab CI and dynamic build workers on AWS governed by auto scaling runners. The solution enabled all teams working in both infrastructure and application development to have an elastic environment for functional and end-to-end testing whilst greatly reducing the need for on-premise testing infrastructure, resulting in significant cost savings. The rollout of the solution included pair sessions with the development teams in order to adapt the solution to be compatible with semantic versioning and the Java build process used in the company.

Successful PoC of infrastructure management on AWS using Terraform and a set of custom scripts, allowing better view on what would be required to migrate all AWS resources to a Terraform-managed setup.

Creation of a team vision and moderation of discussion sessions which enabled the team to map pending work in form of a comprehensive roadmap, which is used to guide the Scrum planing process.

Rollout of Graylog as the default log aggregator within the company, starting with PoC projects all the way to a fully automated setup backed by SaltStack running in the AWS cloud.

Eingesetzte Qualifikationen

DevOps, Serveradministration (allg.), Infrastrukturarchitektur

System Administrator / DevOps (Festanstellung)
Webtrekk GmbH, Berlin
7/2016 – 11/2016 (5 Monate)
Medienbranche
Tätigkeitszeitraum

7/2016 – 11/2016

Tätigkeitsbeschreibung

Improved an existing DataStax Cassandra Cluster through a multi phased process of collecting performance data with prometheus, identifying existing bottlenecks and implementing multiple configuration enhancements, amongst them fixing rack awareness, heap space allocation, number of nodes, data replication level and automation with Ansible. After the changes the amount of running transactions per second was increased in around 400%.

Automated the installation of Apache Kafka brokers by creating custom Debian packages and an Ansible role to install them, improving provisioning time for new clusters.

Deployed a PoC project for Java application tracing based on Dynatrace, enabling development teams to proactively detect performance bottlenecks across services and infrastructure components.

Eingesetzte Qualifikationen

DevOps

System Engineer (Festanstellung)
The ADEX, Hamburg
4/2015 – 4/2016 (1 Jahr, 1 Monat)
IT & Entwicklung
Tätigkeitszeitraum

4/2015 – 4/2016

Tätigkeitsbeschreibung

Planned and migrated a Cloudera cluster from major release version 4 to 5, including an linux upgrade from CentOS 6 to 7 managed by puppet with all new configurations and components (Hadoop HDFS, YARN, HBase, Hive, ZooKeeper, Kafka, Flume, Spark). The existing data was synchronized by homegrown scripts with zero downtime.

Participated in a true DevOps culture in steadily improving YARN. Worked hand in hand with development teams to determine the best resources for the various workloads to achieve the best possible result, obtaining a performance increase of 50%.

Creation of various enrichment scripts for 3rd party data consumed from many data sources saving on-demand changes to Hadoop HDFS.

Participation in the construction of a data enrichment pipeline by means of Kafka brokers and flumes in the process of sequential data processing, storing data of a defined file size limit in a HDFS cluster. The system was able to process 2 million synthetic data messages per second.

Created a python-based data backup and recovery solution for Cassandra database systems emulating 1 automated recovery per month.

Setup a Gitlab CI 8 build pipeline to support development teams in their build and release process.

Eingesetzte Qualifikationen

DevOps, Infrastrukturarchitektur, Netzwerkarchitektur

System Administrator (Festanstellung)
ad pepper media Group, Hamburg
9/2014 – 4/2015 (8 Monate)
Medienbranche
Tätigkeitszeitraum

9/2014 – 4/2015

Tätigkeitsbeschreibung

Migrated workloads running over bare metal to an OnApp KVM based solution with Samba4 acting as a Domain Controller for the environment. Also deployed a unified monitoring and alerting setup for this environment with Nagios.

Implemented a centralized configuration management system with puppet (v3.4) and created custom puppet modules for various infrastructure components (MariaDB, Nagios core, vsftpd, OpenVPN, shorewall, iptables, HAProxy, POSIX users and groups, PowerMTA, ActiveMQ, Apache, MongoDB, sudo, OnApp, NFS, OpenLDAP).

Provided consultancy on performance tuning for MariaDB Galera clusters to subsidiaries of the ad pepper holding.

Performed migration of Microsoft SQL Server clusters to version 2014 from 2005 with the following features: DB-Engine, Analysis Services, Integration Services.

Eingesetzte Qualifikationen

DevOps, Systemadministration (allg.)

System Administrator (Festanstellung)
United Digital Group, Hamburg
10/2013 – 8/2014 (11 Monate)
Medienbranche
Tätigkeitszeitraum

10/2013 – 8/2014

Tätigkeitsbeschreibung

Administration and governance of the entire IT infrastructure including high availability, security, backup on ubuntu linux servers and ruby application and moving software business workloads into a software defined datacenter with VMWare vSphere.

Implemented a unified security solution via multiple Sophos UTM (WAN, LAN, VPN).

Eingesetzte Qualifikationen

Systemadministration (allg.)

Zertifikate

Microsoft Azure Solutions Architect Expert
2020

Ausbildung

Fachinformatiker für Systemintegration
Ausbildung
2013
Hamburg

Weitere Kenntnisse

Linux, Ansible, Saltstack, Puppet, Consul, Consul-Template, Terraform, Git, Gitlab, Jenkins, Proxmox, KVM, LXC, Docker, Kubernetes, Filesystems, Hadoop, Kafka, Cloudera, Bash, Graylog, Elasticsearch, Prometheus, Grafana, DataDog, Cassandra, MySQL, Apache, Nginx, Amazon AWS, Microsoft Azure, Cloudflare, Kitchen-CI, Inspec, Golang, Agile, Scrum, Kanban

Persönliche Daten

Sprache
  • Deutsch (Muttersprache)
  • Englisch (Fließend)
Reisebereitschaft
Nähe des Wohnortes
Arbeitserlaubnis
  • Europäische Union
Home-Office
bevorzugt
Profilaufrufe
4522
Alter
35
Berufserfahrung
10 Jahre und 5 Monate (seit 10/2013)

Kontaktdaten

Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.

Jetzt Mitglied werden