Florian Böhmak

Jitsi - Video conferencing system with AI-powered simultaneous translation (prototype)

Nebelschütz, Germany

Experience

Apr 2025 - Apr 2025
1 month

Jitsi - Video conferencing system with AI-powered simultaneous translation (prototype)

Setup and customization of a containerized Jitsi instance for live speech recognition (VOSK) and automatic real-time translation (LibreTranslate, LMU fairseq).

Mar 2025 - Mar 2025
1 month

Design and implementation planning of a multi-tenant DMS (DocuWare)

Development of a comprehensive implementation concept for introducing the DocuWare document management system for the Foundation for the Sorbian People. Consideration of complex requirements such as multi-tenancy, scalability, data protection, interoperability with third-party software (e.g., HS Finanzwesen, MACH meinERP), Sorbian language support, and centralized operations management.

Jan 2025 - Feb 2025
2 months

AI & Data Engineering

Development and implementation of a quantitative investment strategy using GPT-3.5 to analyze 20,000 earnings-call transcripts of the 500 largest US companies over a 10-year period. Data analysis and backtests implemented in Python & C#.

May 2024 - Sep 2024
5 months

Fullstack Developer

Development of the Clean Code Principles website, which I designed as an interactive reference for Clean Code, featuring user-friendly features such as a PDF generator, a fuzzy search, and social media sharing. Content can be easily maintained via Markdown and is automatically deployed on Git commits. I built the site with NextJS for fast delivery and TailwindCSS for responsive design.

  • Simple maintenance of website content via Markdown files using 'markdoc' and 'gray-matter'.
  • Implementation of a fuzzy search powered by metadata from centrally maintained Markdown files.
  • Implementation of an online PDF generator for custom Clean Code cheatsheets.
  • Super affordable and fast website through NextJS static site generation (SSG) and CDN hosting.
  • Fully automated deployment on Git commits via AWS Amplify.
  • Focus on speed and accessibility through a mobile-first development approach.
  • Elaboration of 45 Clean Code principles, with code examples (negative, positive, exception), quotes, summaries, descriptions, controversies, bibliographic references, and graphics.
Jan 2020 - Dec 2025
5 years
Germany

Senior DevOps Engineer

ZEISS

Developed the ZEISS Connected Quality Platform – an advanced solution for monitoring measurement systems, managing measurement plans and quality processes, and directly retrieving raw system data. My focus was building the powerful .NET infrastructure with features like Keycloak-based authentication, RabbitMQ messaging, MSSQL database management, deployment of Angular/React single-page applications (SPAs), TLS encryption, backup solution integration, monitoring, and support for both Windows on-premises systems and Kubernetes clusters. The key challenge was making the platform run seamlessly across Windows on-premises and Kubernetes while ensuring an optimal local Windows development environment for efficient debugging and development.

  • Setup of various Kubernetes clusters:
  • Design and implementation of isolated Connected Quality platforms in separate Kubernetes namespaces, provisioning infrastructure components (MSSQL, RabbitMQ, Keycloak, reverse proxy, Kubernetes Dashboard, HashiCorp Vault).
  • Developed missing components for a complete CI/CD process and self-healing concept: SQL Server configurator (Bash), Kubernetes Dashboard proxy for access security (JavaScript), Kubernetes deployment status controller for the CI/CD process.
  • Based on different use cases, I deployed Kubernetes clusters in various configurations fully automated: 1) classic AKS with cloud resources, 2) Rancher K3s in Docker for Windows desktop, 3) K3s in an Ubuntu VM, 4) Windows Server VM with nested virtualization of an Ubuntu VM with K3s, 5) IoT Hub edge cloud deployment, 6) RedHat OpenShift as potential self-hosted SaaS solution in the customer’s data center.
  • Automation of the container image build process (Docker, Podman, Buildah), creating container images 'from scratch', minimal images, debugging and testing for functionality assurance, documentation and maintenance for reusability and transparency.
  • Implementation of different deployment strategies:
  • GitOps with Kustomize templates for multiple environments, Mozilla SOPS secrets for encrypted secrets in Git, custom GitOps operator to monitor container registries for image tags and automate cluster deployments.
  • Dynamic deployment via Octopus Deploy using Helm charts generated by the automatic master pipeline with SemVer versioning on Git merge.
  • Implemented GitOps deployment using FluxCD for better automation and traceability.
  • Proof-of-concept for an internal developer platform (Humanitec, score.yaml, Backstage).
  • Developed a 'master' CI/CD pipeline for 15 projects/services with Azure YAML pipelines:
  • Unified execution of source code builds (msbuild, npm, maven, docfx, pandoc), unit tests, CVE security scans (BlackDuck) including FOSS SBOM creation, end-to-end tests (Selenium, Playwright), and nightly status reports to MS Teams channels.
  • Generation of deployment scripts (Helm charts, Kustomize, Python, Jinja2, Bash, MSI installers) and setup of a clear deployment interface via Octopus Deploy.
  • Automatic release versioning based on Git branches (master, features/, releases/) instead of manual complex models like GitFlow or GitHub Flow.
  • Maintenance and later consolidation of CI/CD platforms and technologies (GitLab, GitHub Actions, Tekton).
  • Migration of projects into a monorepo (Azure DevOps) and creation of sync mechanisms for a large parallel Atlassian project later integrated.
  • Automatic creation of feature-branch environments with the currently built versions.
  • Performance optimizations via caching and skipping sub-pipelines.
  • Developed a Windows installer for the complete Connected Quality Platform (approx. 10 services):
  • Packaging all services with the WiX Toolset (Heat, Candle, Light), writing custom actions in C# to configure Windows services, using the WiX template engine for installation dialogs, validating and installing certificates in the certificate store.
  • Developed a Python-based CLI to optimize interaction with the monorepo in local dev environments to enhance developer experience:
  • Python scripts to provision all dependencies for local development (Dotnet, MSSQL, NodeJS, RabbitMQ, Java JDK) for quick onboarding and a unified local dev setup in the corporate environment.
  • Provided uniform 'build, configure, deploy' steps specifying relevant 'targets' (projects) with the option to include projects directly in debug mode from Visual Studio (Python, Jinja2 templates).
  • Performance optimizations by caching build files via MD5 hash of project folders.
  • Tested multiple approaches to develop an effective local build system: Bazel was incompatible, PowerShell error-prone, Cake Build too slow.
  • Infrastructure automation and IaC concepts:
  • Provisioned Azure resources (VMs, storage, databases, virtual networks, Key Vault, DNS zone, ACR webhooks, Logic Apps) with ARM/Bicep templates, Terraform, and Ansible.
  • Provisioned Azure resources via Crossplane framework and developed Kubernetes controllers for custom resource definitions.
  • Operated Kubernetes clusters, Linux VMs, and Windows servers:
  • Installed, configured, and maintained Linux systems including server services like Apache and Nginx.
  • Automated Linux maintenance tasks with shell scripts and Ansible.
  • Implemented security measures and regular updates for hardening.
  • Troubleshooting and resource optimization in Linux systems.
  • Built a monitoring system with OpenTelemetry (logging, tracing, metrics) for Windows servers using Grafana, Loki, Prometheus, and Tempo; created dashboards for the four golden signals and instrumented .NET and Angular apps.
  • Created 'living' documentation (docfx template engine), supported release notes generation with pandoc (Markdown, LaTeX, HTML, PDF) and Docker scripts.
  • As an architecture team member, I participated in agile SCRUM-based development using Azure DevOps and Atlassian tools (Jira, Confluence) for efficient planning and execution.
  • Implemented security standards and compliance in the software process:
  • Modernized secrets management by integrating HashiCorp Vault during migration to OpenShift, supplemented by a .NET configuration provider as a multi-external-secrets provider.
  • Established SecOps practices: creating container images from scratch, conducting code reviews of container content, integrating automated security scans in CI/CD pipelines for CVE detection, proactive threat modeling, and remediation of identified vulnerabilities.
  • Created FOSS disclosures/licenses and software bill of materials (SBOMs) according to compliance and supply chain requirements.
  • Implemented and documented backup, recovery, and disaster recovery strategies for Kubernetes and Windows servers.
  • Architecture and implementation of backend systems (databases, proxy, reverse proxy, web server):
  • Implemented a C# PubSub library for RabbitMQ with custom attributes for controller-like usage, replacing the Dapr Pub-Sub client via reverse engineering.
  • Developed a Keycloak configurator in JavaScript with a custom DSL, enabling developer teams to define roles and permissions intuitively and automate Keycloak configuration.
  • Implemented a reverse proxy and single-page application web server in C# with YARP to minimize tech diversity (replacing Traefik, Nginx, Apache) and secure SSL connections.
  • Developed .NET project structures using cell architecture and ports-and-adapters pattern, supported by TDD, BDD with Gherkin, and Pact contract tests, promoting DDD for business-aligned solutions.
May 2019 - Jul 2019
3 months
Switzerland

Azure Solutions Architect

KPMG

In my project at KPMG Switzerland, I successfully led the migration of on-premises server infrastructure to Azure Cloud, set up a new Azure tenant, and trained clients for ongoing operations. My main tasks included creating a secure cloud environment with encryption of virtual machines, SQL Server, and Azure Web Apps. By employing Infrastructure-as-Code practices combined with automated Azure DevOps build and release pipelines, the infrastructure was set up efficiently and securely.

  • Implemented secure cloud environments by encrypting VMs, disks, and SQL Server, using Azure Managed Identities, public/private certificates, and hardware encryption keys (KEK, HSM, Key Vault) to ensure top security standards.
  • Realized Infrastructure-as-Code with ARM templates for efficient and consistent provisioning.
  • Configured automated build and release pipelines in Azure DevOps for optimized continuous integration and delivery.
Jan 2019 - Dec 2020
2 years
Germany

Senior DevOps Engineer

Daimler

Scaled the Microsoft System Center Configuration Manager (SCCM) to Daimler’s enterprise size, supporting over 150,000 clients. Designing and developing a scalable, testable architecture, I integrated authentication systems (IWA, JWT), MSSQL database integration, and RabbitMQ as messaging bus. Automated CI/CD pipelines and infrastructure automation were central to my responsibilities.

  • Implemented automated DevOps processes and infrastructure management:
  • Set up Azure DevOps CI/CD pipelines for automated builds, tests, and deployments.
  • Managed infrastructure stack: Windows Server 2019, Microsoft SQL 2019, IIS 10, .NET Framework 4.7.2, .NET Core 3.1, NuGet, RabbitMQ.
  • Provisioned Azure resources (VMs, storage accounts, databases, virtual networks, Key Vault, DNS zone, ACR webhooks) via ARM templates and PowerShell.
  • Software development in C# and JavaScript:
  • Implemented cell-based, fractal architecture with middleware concepts and clear interfaces (Ports & Adapters).
  • Optimized development processes by:
  • Introducing example mapping (requirements engineering), Gherkin acceptance tests (living documentation), and feature slicing (visual representation of technical scenarios).
  • Defining coding standards to improve code reviews and establishing pair programming for better knowledge transfer.
  • Technology evaluation for cloud integration, including self-hosted Azure APIM, Azure Functions, and Docker.
  • Created an interface between Windows-based local authentication (IWA) and cloud-based token authentication (JWT).
  • Designed a modular, testable system based on cell architecture to reduce manual testing from 90% to 10%.
Oct 2018 - Apr 2019
7 months
Germany

Azure Solutions Architect

ZEISS

Developed and operated the ZEISS Enterprise Service Bus (ESB) as a central communication backbone, providing digital interfaces across corporate boundaries with over 3 million messages per day. The ESB was built as a scalable solution using cloud-native technologies like Azure API Management, serverless functions, Azure Service Bus, and CosmosDB. My main tasks included performance analysis, network diagnostics, risk assessments, infrastructure automation, and live operation troubleshooting.

  • Built and managed an ESB with throughput over 3 million messages per day.
  • Managed a Docker cluster on Azure Service Fabric and Kubernetes, runtime troubleshooting and performance bottleneck analysis.
  • Created queries, alerts, and dashboards in Azure Application Insights for data analysis.
  • Planned and executed large-scale CosmosDB migrations, conducted risk analyses, and developed support tools (C#, PowerShell, Azure Data Factory scripts).
  • Analyzed network security group (NSG) rules and evaluated blocked IP addresses.
  • Managed multiple environments (dev, test, staging, production) by automating infrastructure operations with ARM templates.
Apr 2018 - Sep 2018
6 months

Fullstack Developer

VIDEO OASE

In my project at VIDEO OASE, a video marketing portal, I created a serverless proof of concept and used UX tools for prototyping, collaborating closely with the client to design the portal structure. I implemented core functions like user registration, login/logout, password reset/change, protected routes, a simple search, and a data import tool from Excel.

  • Implemented a search portal based on Google Firebase serverless technologies with JavaScript, React, Bootstrap, and PayPal.
  • Developed key features including user registration, login/logout, password management, route protection, simple search, PayPal payment option, and an Excel data import tool.
  • Collaborative prototyping with the client using UX tools (Proto.io) to illustrate the user experience before development.
May 2016 - Nov 2017
1 year 7 months
Germany

Fullstack Developer

OTTO

As an external developer at OTTO, I significantly contributed to the design and implementation of the Product Information Management (PIM) software used for managing e-commerce items on otto.de. I played a key role in developing robust microservice architectures in Golang and designing ReactJS-based frontends. By applying Clean Code practices, I ensured high software quality. Additionally, I set up a complete virtual development infrastructure and improved the Scrum workflow with acceptance tests to enhance collaboration and communication among stakeholders.

  • Designed microservice architecture based on domain-driven design (DDD), hexagonal architecture, separation of concerns, and service contracts.
  • Developed Golang services within a microservice architecture using MongoDB, HTTP, Kafka, Zookeeper, Protobuf, and Java Spring Boot.
  • Built a frontend application for e-commerce item management using ReactJS, react-redux, and react-router.
  • Set up and automated local development environment on a VM with VirtualBox, Linux, Bash, Vagrant, and Ansible.
  • Applied software craftsmanship to ensure Clean Code, including technical debt management, CQRS, Interface Segregation Principle, pair programming, and TDD.
  • Refined Scrum process by introducing acceptance tests as fixed agreements between stakeholders and developers using the ROBOT test framework.
Dec 2015 - Apr 2016
5 months
Germany

Embedded Software Developer

BALLUFF

As a developer on two projects for BALLUFF, a leader in automation technology, I built the test framework for an IO-Link device with C++ and Python and automated formal documentation to meet stringent TÜV certification standards. In a separate project, I implemented firmware on an Arduino board to integrate RFID and barcode scanners.

  • Implemented C/C++ unit tests (CppUnit) for the embedded C code of the IO-Link device.
  • Improved error handling and implemented stress tests in Python; documented the test infrastructure with Doxygen, and set up Jenkins build jobs (Unix, Bash), contributing to formal documentation for TÜV certification.
  • Rewrote Arduino firmware with a state machine and Clean Code practices.
  • Connected an RFID tag reader and a barcode scanner by implementing the USB protocol and configuring both devices.
  • Fixed software bugs on custom-designed and soldered Arduino boards.
Nov 2015 - Nov 2015
1 month
Germany

Software Developer

DAIMLER

During a short engagement at Daimler, I helped optimize performance of material-mapping software for vehicle components. I focused on data processing optimization by implementing caching mechanisms and documented the mapping algorithms. Additionally, I identified and fixed build system issues.

  • Performance optimization of material-mapping software by implementing data caching in C/C++ with the Qt framework and detailed documentation of the algorithms.
  • Fixed build system errors using Unix, Bash, and QMake.
Oct 2015 - Oct 2015
1 month
Germany

Software Developer

SYNATEC

At SYNATEC, I worked on traceability software for automotive systems, developing features to manage XML files, improve event traceability, and handle increased message throughput. I identified and fixed memory leaks and crashes and integrated the fixes into the existing architecture, continuously measuring and optimizing system performance.

  • Developed software in C/C++ and Qt to manage XML files, improve event traceability, and handle high message throughput.
  • Identified and resolved memory leaks and system crashes, integrating fixes into the existing architecture and conducting performance measurements.
May 2015 - Oct 2015
6 months
Germany

Embedded Software Developer

T-Systems

In a T-Systems project, I optimized software functions of the on-board unit (OBU) in the European truck toll system. I achieved significant improvements in boot times of these embedded Linux systems by identifying bottlenecks with standard Unix tools. By implementing parallel threads, systems started more efficiently. A proof of concept for reducing shared library load times via prelinking and cross-compiling on an ARMv6 architecture was developed but not implemented for security reasons.

  • Measured startup times on embedded devices using standard Unix tools (Bash, AWK, Sed, Grep, /proc).
  • Improved startup times by fixing performance bottlenecks and restructuring sequential startup processes for parallel thread execution in C/C++.
  • Implemented suspend/wakeup functions in the embedded Linux service architecture API layer.
  • Developed a proof of concept to accelerate load times via shared-library prelinking using cross-compiling (ARMv6, Unix, CMake).
Sep 2013 - May 2015
1 year 9 months

Fullstack Developer

STORYFEED

Developed a platform for real-time tracking of TV commercials using modern technologies like C/C++, Go, Kafka, and PostgreSQL on Linux. During development, I encountered a critical memory leak (integer overflow), which I analyzed over three months. I used tools like Valgrind to locate leaks, gprof to find performance bottlenecks, and OS monitoring tools to track CPU time and memory usage (caching, paging, swapping) to ultimately fix the issue and stop daily system crashes. Setting up, configuring, and troubleshooting on Linux servers (video tuner cards, smart card decryption) was also part of my duties.

  • Implemented a "TV Video Cutter" for real-time ad tracking (C, ffmpeg, pthreads).
  • Developed a dynamic ring buffer in C for streaming video data.
  • Implemented microservices and libraries in Go, including a store-and-forward client for distributed messaging (Kafka, Zookeeper, Sarama, PostgreSQL).
  • Developed the TVIB REST API for real-time triggers like banner synchronization in Go.
  • Created browser applications for video and client report management (Angular 1.0, Node, Express).
  • Built a deployment system on AWS (Chef, Autotools, Docker).
  • Set up video tuner cards and configured smartcards for signal decryption (Unix, Bash, C++, Python); configured DVBlast for streaming multiple TV channels over TCP/IP.
  • Administered Linux systems and improved performance by locating memory leaks (Valgrind), identifying and fixing performance bottlenecks (gprof), and monitoring CPU time and memory usage (caching, paging, swapping).
Feb 2013 - Jul 2013
6 months
Germany

Fullstack Developer

TEAMONDO

At startup TEAMONDO, I designed and implemented a real-time communication server for HTML clients using WebSockets to support chat messages, click events, and other interactions. The focus was on system stability and scalability.

  • Developed a real-time communication server for HTML clients with WebSockets supporting chat messages and click events.
  • Focused on stability and scalability using NodeJS, Redis, Pub/Sub, MongoDB, and Socket.io on Unix systems.
Oct 2012 - Sep 2013
1 year

Fullstack Developer

SMOOSTER

At startup SMOOSTER, I played a key role in enhancing their content management system. I used modern technologies like Ruby on Rails and JavaScript to implement core functionalities and integrate a robust authentication system. I also implemented frontend test automation and improved media distribution through efficient caching and CDN. Additionally, I solved scaling issues and optimized the system for better SEO.

  • Developed new features for the "smooster" CMS using Ruby, JavaScript, and MongoDB.
  • Integrated an authentication system with Omniauth, REST, and AJAX.
  • Applied TDD and Clean Code, refactoring over 40% of the software to achieve clean views, thin controllers, normalized models, and REST principles.
  • Expanded frontend test automation with RSpec and Selenium.
  • Enhanced media distribution with efficient caching and CDNs on AWS (Bash, Linux).
  • Scaled customer websites via load balancing and optimized conversion rates through SEO and social media.
Nov 2011 - Sep 2012
11 months

Fullstack Developer

Freelance

As a freelance web developer, I created custom websites for various clients, advised on current technology use, and collaborated closely with designers on visual design. Throughout projects, I honed my communication skills to effectively meet client requirements regarding cost, performance, design, and technology.

  • Built websites using a lean stack (HTML/CSS, JavaScript).
  • Developed a custom CMS with Ruby on Rails on Amazon EC2 and Linux with PostgreSQL.
  • Gained extensive client communication skills for discussing project cost, performance, design, content, structure, technology, and editing features.
Oct 2007 - Sep 2010
3 years
Germany

Trainee and Windows Server Administrator

SIEMENS

During my time as a trainee and Windows Server Administrator at Siemens AG, I gained extensive experience in software development.

  • Programmed microcontrollers in assembly and embedded C/C++ and implemented LCD drivers for C167 microcontrollers (16-bit, RTOS, CAN bus).
  • Programmed and configured Siemens automation systems (SIMATIC S7).
  • Operated and monitored over 100 Siemens servers including Windows account management, file, share, and print services, server updates, and server management.

Summary

Senior DevOps specialist with over 10 years of professional experience, specializing in cloud and on-premises infrastructures. His expertise is regularly demonstrated by Florian Böhmak, successfully implementing scalable and secure applications through CI/CD best practices, containerization with Kubernetes, and Infrastructure as Code in .NET on cloud and on-premises systems.

Languages

German
Native
English
Advanced
Czech
Elementary
Russian
Elementary

Education

Oct 2010 - Jun 2013

Technische Universität Darmstadt

Computer Science · Darmstadt, Germany

Oct 2007 - Jun 2009

Siemens Technik Akademie

Applied Technologies in Information Systems and Computer Engineering · Erlangen, Germany

Certifications & licenses

Azure AI Engineer Associate (AI-102)

Azure Administrator Associate (AZ-104)

Azure Solutions Architect (AZ-305)