Cloud Infrastructure, Authorization & Cost Transparency Solutions for HUK Coburg
Led multiple critical backend and infrastructure projects for HUK Coburg, focusing on cloud cost transparency, secure API access across AWS accounts, and integration with external incentive systems. These solutions improved cost control, security, and automation across several departments.
Key Contributions:
🔹 Cloud Cost Tracking & Tag-Based Reporting
Designed and implemented a system to retroactively track and analyze the usage and costs of foundational AWS services per client or internal department.
• Introduced a structured tagging strategy for AWS resources
• Leveraged the AWS Cost Explorer to group and filter usage data
• Developed a reporting pipeline to aggregate cost metrics and export them to Amazon S3 for analysis
• Ensured clear attribution of costs through IAM account and role mapping
🔹 Custom AWS Lambda Authorizer for Multi-Account Environments
Built a centralized authorization layer for APIs accessed from various AWS accounts.
• Developed a Lambda Authorizer that verifies JWT signatures, expiry, and claims
• Supported multi-tenant access control across accounts and roles
• Passed the decoded token payload into the API Gateway request context
• Enabled application-specific claims validation to be handled downstream
🔹 Amazon Incentives API Integration Service
Developed a microservice to connect with the Amazon Incentives API, enabling automated voucher code generation.
• Implemented complex AWS Signature V4 request signing as per Amazon specifications
• Built a secure and robust REST API for internal use
• Handled validation, logging, and error management according to enterprise standards
Technologies & Skills: AWS (Lambda, S3, API Gateway, Cost Explorer), IAM, JWT, REST APIs, Node.js, Python, AWS Signature V4, Docker, Agile, CI/CD, Confluence
Outcome: These solutions enabled HUK Coburg to gain visibility into service-level costs, enforce secure multi-account access to internal APIs, and automate customer rewards—all while aligning with enterprise compliance and scalability standards.
AI-Powered Customer Support Automation for CargoBoard (HubSpot Integration)
Developed an AI-driven customer support system for CargoBoard, integrating HubSpot with a modular Retrieval-Augmented Generation (RAG) pipeline to automate high-quality, context-aware responses in support threads. The solution enhances customer service efficiency while reducing the workload on support staff.
Project Scope:
• Automated response generation using a LangChain agent capable of interpreting support inquiries in real time
• Dynamic enrichment of messages with metadata (e.g., order IDs, customer info) retrieved via Google Cloud Functions
• Seamless integration with HubSpot’s API to fetch support threads and post AI-generated replies as comments
• Contextual information retrieval from company FAQ documents, transformed into vector embeddings stored in a vector database
• Real-time access to operational data (e.g., tracking status) via internal APIs when required by the support context
• Final response generation through a GPT-based Large Language Model (LLM) with access to all relevant context
• Deployment in Google Cloud Platform, using Docker for flexible and scalable service orchestration, including local mocking for development/testing
Technologies & Skills:
• AI/LLM: LangChain, OpenAI GPT, Retrieval-Augmented Generation (RAG), Embeddings
• Cloud: Google Cloud Platform (Cloud Functions, Cloud Run, Cloud Storage)
• DevOps: Docker, CI/CD pipelines, local test/mocking environments
• Backend: Node.js, Python, REST APIs
• Integrations: HubSpot API, internal logistics and customer service APIs
• Vector Databases: Pinecone, pgvector/PostgreSQL
• Methodologies: Agile development, modular architecture, API-first design
Outcome: The solution significantly improved support response times and ensured consistent communication quality regardless of agent availability. It is now successfully deployed in production and contributes to scalable, AI-enhanced customer service at CargoBoard.
API Management Expert & Conference Speaker
Chair for API Management at adorsys
As the Chair for API Management at adorsys, one of Germany’s leading consulting firms for digital financial services, this role involves defining strategic API architecture standards, coaching development teams, and supporting enterprise clients in designing scalable, secure, and future-proof API ecosystems.
In addition to driving API initiatives internally and with clients, the role includes regularly speaking at industry conferences and expert panels on topics such as API security, governance, monetization, and API-first architecture. These sessions often focus on real-world lessons from complex integration projects in highly regulated industries like banking, insurance, and the public sector.
Focus Areas:
• Enterprise-grade API architecture & strategy
• Zero Trust & secure API access (OAuth2, OIDC, mTLS)
• API productization & lifecycle management
• Developer portal concepts & internal API enablement
• Coaching and enablement of distributed teams
Technologies & Tools: Kong, Apigee, Gravitee, WSO2, Keycloak, Spring Boot, Node.js, Quarkus, OpenAPI/Swagger, Postman, GitLab CI/CD, Docker, Kubernetes, AWS, GCP, Azure
Industries: Banking, Insurance, Public Sector, Mobility-as-a-Service, E-Commerce, LegalTech, Digital Platforms
Recent Appearances Include:
• Keycloak Conference 2025: “AI Meets Identity: Smarter Access Management with Keycloak”
• Panel: The Role of Technology in Shaping the Future of Mobility as a Service (MaaS)
• Webinars and internal training sessions on API governance, secure integrations, and cross-team enablement
• Instructor at apimasters
Goal: Promoting APIs not just as technical enablers, but as strategic assets for digital transformation and innovation.
WikiMove – Sustainable Mobility Platform for Cities and Citizens
Role: Senior Full-Stack Engineer & Technical Consultant (Freelance)
Contributed to the development of WikiMove, a digital platform that empowers cities and citizens to collaboratively design and engage with sustainable mobility initiatives. The platform supports the transition to greener urban transport through transparency, participation, and open data.
Key Contributions:
• Designed and implemented backend APIs and frontend components to support interactive features such as mobility mapping, route planning, and citizen feedback
• Supported the integration of open mobility datasets and local infrastructure data
• Developed a scalable, modular architecture enabling multiple municipalities to deploy customized instances
• Implemented geo-based services for real-time mobility visualization
• Advised on technical decisions regarding platform extensibility, security, and performance
• Contributed to a user-centered, mobile-first UI in close collaboration with UX designers and city stakeholders
Technologies: JavaScript, TypeScript, React, Node.js, PostgreSQL, REST APIs, Docker, GitLab CI/CD, Mapbox, Leaflet, OpenStreetMap, GraphQL (optional)
Industry: Mobility-as-a-Service (MaaS), Smart Cities, CivicTech, Sustainability
Outcome: Enabled municipalities and civic groups to collaborate on urban mobility planning and provide citizens with intuitive tools for understanding and improving sustainable transport in their cities.
Klartax – Digital Tax Filing Platform for Employees (DATEV)
Role: Senior Full-Stack Engineer & API Architect (Freelance)
Contributed to the development of Klartax, DATEV’s digital tax filing solution designed to simplify annual income tax returns for employees in Germany. The platform combines professional-grade tax logic with a highly user-friendly interface, available as both a web application and a mobile app.
Key Contributions:
• Designed and implemented RESTful APIs for core tax data flows, user journeys, and authentication
• Translated complex German tax rules into backend logic and reusable components
• Contributed to the architectural foundation (microservices, API gateway, containerization, security)
• Integrated with existing DATEV infrastructure and the official ELSTER API for electronic tax filing
• Collaborated closely with product managers, legal experts, and multiple agile development teams
• Ensured compliance with German data privacy laws (GDPR) and tax-related regulatory standards
Technologies & Tools: Spring Boot and Spring Cloud, Thymeleaf, OpenAPI, Maven, JaCoCo, Failsafe, Surefire, SonarQube, jQAssistant, Postgres, H2, Liquibase, Flyway, Hazelcast, CommerceTools, Adobe Analytics, GitLab, Artifactory, OpenShift/Kubernetes, AWS, Jira, Confluence, OTel, Prometheus, Kibana, Splunk, Micrometer, Grafana, ELK, Angular.js, Cypress, Webpack, TypeScript, NPM, Node.js, Firebase, Keycloak (Extensions, Themes, Build, Setup, Deployment etc.), Freemarker, JavaScript, Swift
Industry: LegalTech, TaxTech, Public Sector, B2C SaaS
Outcome: Enabled secure, fast, and user-friendly online tax filing for thousands of users, bridging the gap between professional tax expertise and intuitive digital experiences.
Maintenance, further development, QA, software architect
Technologies: Spring-Boot
Industry: Banking & Finance
Banfico – PSD2 & Open Banking API Solutions
Role: Senior Engineer & Technical Architect (Freelance)
Worked with Banfico, a UK-based Open Banking platform provider, to deliver secure, PSD2-compliant APIs and banking integrations for financial institutions across Europe. The project focused on helping banks and third-party providers meet regulatory requirements while enabling scalable, future-proof Open Finance services.
Key Contributions:
• Designed and implemented secure REST APIs for Account Information Services (AIS) and Payment Initiation Services (PIS) in alignment with PSD2 and UK Open Banking standards
• Led the integration with eIDAS certificates, Strong Customer Authentication (SCA), and consent flows
• Supported bank clients across Europe in customizing and deploying compliant API stacks
• Contributed to OAuth2/OpenID Connect flows, including dynamic client registration, token introspection, and consent management
• Built tools for sandboxing, testing, and validating API behavior against regulatory conformance suites
• Ensured end-to-end encryption, auditability, and secure token handling according to regulatory standards
Technologies: Java, Spring Boot, REST APIs, OAuth2, OIDC, TLS/mTLS, JWK/JWT, eIDAS/QWAC/QSeal certificates, Docker, OpenAPI, Postman, Jenkins, AWS
Industry: FinTech, Open Banking, RegTech, Financial Services
Outcome: Helped major banks accelerate PSD2 compliance while ensuring robustness, security, and maintainability in their Open Banking interfaces. Enabled faster certification, improved developer experience, and successful integration with third-party providers.
Conception and Engineering
Conception, Engineering, Consulting
Conception, Engineering, Project Management, QA, DevOps
Development of a CRM System for public and scientific institutions