Jitsi - Video conferencing system with AI-powered simultaneous translation (prototype)

Setup and customization of a containerized Jitsi instance for live speech recognition (VOSK) and automatic real-time translation (LibreTranslate, LMU fairseq).

Development and implementation of a quantitative investment strategy using GPT-3.5 to analyze 20,000 earnings-call transcripts of the 500 largest US companies over a 10-year period. Data analysis and backtests implemented in Python & C#.

Developed the ZEISS Connected Quality Platform – an advanced solution for monitoring measurement systems, managing measurement plans and quality processes, and directly retrieving raw system data. My focus was building the powerful .NET infrastructure with features like Keycloak-based authentication, RabbitMQ messaging, MSSQL database management, deployment of Angular/React single-page applications (SPAs), TLS encryption, backup solution integration, monitoring, and support for both Windows on-premises systems and Kubernetes clusters. The key challenge was making the platform run seamlessly across Windows on-premises and Kubernetes while ensuring an optimal local Windows development environment for efficient debugging and development.

• Setup of various Kubernetes clusters:
• Design and implementation of isolated Connected Quality platforms in separate Kubernetes namespaces, provisioning infrastructure components (MSSQL, RabbitMQ, Keycloak, reverse proxy, Kubernetes Dashboard, HashiCorp Vault).
• Developed missing components for a complete CI/CD process and self-healing concept: SQL Server configurator (Bash), Kubernetes Dashboard proxy for access security (JavaScript), Kubernetes deployment status controller for the CI/CD process.
• Based on different use cases, I deployed Kubernetes clusters in various configurations fully automated: 1) classic AKS with cloud resources, 2) Rancher K3s in Docker for Windows desktop, 3) K3s in an Ubuntu VM, 4) Windows Server VM with nested virtualization of an Ubuntu VM with K3s, 5) IoT Hub edge cloud deployment, 6) RedHat OpenShift as potential self-hosted SaaS solution in the customer’s data center.
• Automation of the container image build process (Docker, Podman, Buildah), creating container images 'from scratch', minimal images, debugging and testing for functionality assurance, documentation and maintenance for reusability and transparency.
• Implementation of different deployment strategies:
• GitOps with Kustomize templates for multiple environments, Mozilla SOPS secrets for encrypted secrets in Git, custom GitOps operator to monitor container registries for image tags and automate cluster deployments.
• Dynamic deployment via Octopus Deploy using Helm charts generated by the automatic master pipeline with SemVer versioning on Git merge.
• Implemented GitOps deployment using FluxCD for better automation and traceability.
• Proof-of-concept for an internal developer platform (Humanitec, score.yaml, Backstage).
• Developed a 'master' CI/CD pipeline for 15 projects/services with Azure YAML pipelines:
• Unified execution of source code builds (msbuild, npm, maven, docfx, pandoc), unit tests, CVE security scans (BlackDuck) including FOSS SBOM creation, end-to-end tests (Selenium, Playwright), and nightly status reports to MS Teams channels.
• Generation of deployment scripts (Helm charts, Kustomize, Python, Jinja2, Bash, MSI installers) and setup of a clear deployment interface via Octopus Deploy.
• Automatic release versioning based on Git branches (master, features/, releases/) instead of manual complex models like GitFlow or GitHub Flow.
• Maintenance and later consolidation of CI/CD platforms and technologies (GitLab, GitHub Actions, Tekton).
• Migration of projects into a monorepo (Azure DevOps) and creation of sync mechanisms for a large parallel Atlassian project later integrated.
• Automatic creation of feature-branch environments with the currently built versions.
• Performance optimizations via caching and skipping sub-pipelines.
• Developed a Windows installer for the complete Connected Quality Platform (approx. 10 services):
• Packaging all services with the WiX Toolset (Heat, Candle, Light), writing custom actions in C# to configure Windows services, using the WiX template engine for installation dialogs, validating and installing certificates in the certificate store.
• Developed a Python-based CLI to optimize interaction with the monorepo in local dev environments to enhance developer experience:
• Python scripts to provision all dependencies for local development (Dotnet, MSSQL, NodeJS, RabbitMQ, Java JDK) for quick onboarding and a unified local dev setup in the corporate environment.
• Provided uniform 'build, configure, deploy' steps specifying relevant 'targets' (projects) with the option to include projects directly in debug mode from Visual Studio (Python, Jinja2 templates).
• Performance optimizations by caching build files via MD5 hash of project folders.
• Tested multiple approaches to develop an effective local build system: Bazel was incompatible, PowerShell error-prone, Cake Build too slow.
• Infrastructure automation and IaC concepts:
• Provisioned Azure resources (VMs, storage, databases, virtual networks, Key Vault, DNS zone, ACR webhooks, Logic Apps) with ARM/Bicep templates, Terraform, and Ansible.
• Provisioned Azure resources via Crossplane framework and developed Kubernetes controllers for custom resource definitions.
• Operated Kubernetes clusters, Linux VMs, and Windows servers:
• Installed, configured, and maintained Linux systems including server services like Apache and Nginx.
• Automated Linux maintenance tasks with shell scripts and Ansible.
• Implemented security measures and regular updates for hardening.
• Troubleshooting and resource optimization in Linux systems.
• Built a monitoring system with OpenTelemetry (logging, tracing, metrics) for Windows servers using Grafana, Loki, Prometheus, and Tempo; created dashboards for the four golden signals and instrumented .NET and Angular apps.
• Created 'living' documentation (docfx template engine), supported release notes generation with pandoc (Markdown, LaTeX, HTML, PDF) and Docker scripts.
• As an architecture team member, I participated in agile SCRUM-based development using Azure DevOps and Atlassian tools (Jira, Confluence) for efficient planning and execution.
• Implemented security standards and compliance in the software process:
• Modernized secrets management by integrating HashiCorp Vault during migration to OpenShift, supplemented by a .NET configuration provider as a multi-external-secrets provider.
• Established SecOps practices: creating container images from scratch, conducting code reviews of container content, integrating automated security scans in CI/CD pipelines for CVE detection, proactive threat modeling, and remediation of identified vulnerabilities.
• Created FOSS disclosures/licenses and software bill of materials (SBOMs) according to compliance and supply chain requirements.
• Implemented and documented backup, recovery, and disaster recovery strategies for Kubernetes and Windows servers.
• Architecture and implementation of backend systems (databases, proxy, reverse proxy, web server):
• Implemented a C# PubSub library for RabbitMQ with custom attributes for controller-like usage, replacing the Dapr Pub-Sub client via reverse engineering.
• Developed a Keycloak configurator in JavaScript with a custom DSL, enabling developer teams to define roles and permissions intuitively and automate Keycloak configuration.
• Implemented a reverse proxy and single-page application web server in C# with YARP to minimize tech diversity (replacing Traefik, Nginx, Apache) and secure SSL connections.
• Developed .NET project structures using cell architecture and ports-and-adapters pattern, supported by TDD, BDD with Gherkin, and Pact contract tests, promoting DDD for business-aligned solutions.

Scaled the Microsoft System Center Configuration Manager (SCCM) to Daimler’s enterprise size, supporting over 150,000 clients. Designing and developing a scalable, testable architecture, I integrated authentication systems (IWA, JWT), MSSQL database integration, and RabbitMQ as messaging bus. Automated CI/CD pipelines and infrastructure automation were central to my responsibilities.

• Implemented automated DevOps processes and infrastructure management:
• Set up Azure DevOps CI/CD pipelines for automated builds, tests, and deployments.
• Managed infrastructure stack: Windows Server 2019, Microsoft SQL 2019, IIS 10, .NET Framework 4.7.2, .NET Core 3.1, NuGet, RabbitMQ.
• Provisioned Azure resources (VMs, storage accounts, databases, virtual networks, Key Vault, DNS zone, ACR webhooks) via ARM templates and PowerShell.
• Software development in C# and JavaScript:
• Implemented cell-based, fractal architecture with middleware concepts and clear interfaces (Ports & Adapters).
• Optimized development processes by:
• Introducing example mapping (requirements engineering), Gherkin acceptance tests (living documentation), and feature slicing (visual representation of technical scenarios).
• Defining coding standards to improve code reviews and establishing pair programming for better knowledge transfer.
• Technology evaluation for cloud integration, including self-hosted Azure APIM, Azure Functions, and Docker.
• Created an interface between Windows-based local authentication (IWA) and cloud-based token authentication (JWT).
• Designed a modular, testable system based on cell architecture to reduce manual testing from 90% to 10%.

In my project at VIDEO OASE, a video marketing portal, I created a serverless proof of concept and used UX tools for prototyping, collaborating closely with the client to design the portal structure. I implemented core functions like user registration, login/logout, password reset/change, protected routes, a simple search, and a data import tool from Excel.

• Implemented a search portal based on Google Firebase serverless technologies with JavaScript, React, Bootstrap, and PayPal.
• Developed key features including user registration, login/logout, password management, route protection, simple search, PayPal payment option, and an Excel data import tool.
• Collaborative prototyping with the client using UX tools (Proto.io) to illustrate the user experience before development.

As a developer on two projects for BALLUFF, a leader in automation technology, I built the test framework for an IO-Link device with C++ and Python and automated formal documentation to meet stringent TÜV certification standards. In a separate project, I implemented firmware on an Arduino board to integrate RFID and barcode scanners.

• Implemented C/C++ unit tests (CppUnit) for the embedded C code of the IO-Link device.
• Improved error handling and implemented stress tests in Python; documented the test infrastructure with Doxygen, and set up Jenkins build jobs (Unix, Bash), contributing to formal documentation for TÜV certification.
• Rewrote Arduino firmware with a state machine and Clean Code practices.
• Connected an RFID tag reader and a barcode scanner by implementing the USB protocol and configuring both devices.
• Fixed software bugs on custom-designed and soldered Arduino boards.

At SYNATEC, I worked on traceability software for automotive systems, developing features to manage XML files, improve event traceability, and handle increased message throughput. I identified and fixed memory leaks and crashes and integrated the fixes into the existing architecture, continuously measuring and optimizing system performance.

• Developed software in C/C++ and Qt to manage XML files, improve event traceability, and handle high message throughput.
• Identified and resolved memory leaks and system crashes, integrating fixes into the existing architecture and conducting performance measurements.

Developed a platform for real-time tracking of TV commercials using modern technologies like C/C++, Go, Kafka, and PostgreSQL on Linux. During development, I encountered a critical memory leak (integer overflow), which I analyzed over three months. I used tools like Valgrind to locate leaks, gprof to find performance bottlenecks, and OS monitoring tools to track CPU time and memory usage (caching, paging, swapping) to ultimately fix the issue and stop daily system crashes. Setting up, configuring, and troubleshooting on Linux servers (video tuner cards, smart card decryption) was also part of my duties.

• Implemented a "TV Video Cutter" for real-time ad tracking (C, ffmpeg, pthreads).
• Developed a dynamic ring buffer in C for streaming video data.
• Implemented microservices and libraries in Go, including a store-and-forward client for distributed messaging (Kafka, Zookeeper, Sarama, PostgreSQL).
• Developed the TVIB REST API for real-time triggers like banner synchronization in Go.
• Created browser applications for video and client report management (Angular 1.0, Node, Express).
• Built a deployment system on AWS (Chef, Autotools, Docker).
• Set up video tuner cards and configured smartcards for signal decryption (Unix, Bash, C++, Python); configured DVBlast for streaming multiple TV channels over TCP/IP.
• Administered Linux systems and improved performance by locating memory leaks (Valgrind), identifying and fixing performance bottlenecks (gprof), and monitoring CPU time and memory usage (caching, paging, swapping).

At startup SMOOSTER, I played a key role in enhancing their content management system. I used modern technologies like Ruby on Rails and JavaScript to implement core functionalities and integrate a robust authentication system. I also implemented frontend test automation and improved media distribution through efficient caching and CDN. Additionally, I solved scaling issues and optimized the system for better SEO.

• Developed new features for the "smooster" CMS using Ruby, JavaScript, and MongoDB.
• Integrated an authentication system with Omniauth, REST, and AJAX.
• Applied TDD and Clean Code, refactoring over 40% of the software to achieve clean views, thin controllers, normalized models, and REST principles.
• Expanded frontend test automation with RSpec and Selenium.
• Enhanced media distribution with efficient caching and CDNs on AWS (Bash, Linux).
• Scaled customer websites via load balancing and optimized conversion rates through SEO and social media.

During my time as a trainee and Windows Server Administrator at Siemens AG, I gained extensive experience in software development.

• Programmed microcontrollers in assembly and embedded C/C++ and implemented LCD drivers for C167 microcontrollers (16-bit, RTOS, CAN bus).
• Programmed and configured Siemens automation systems (SIMATIC S7).
• Operated and monitored over 100 Siemens servers including Windows account management, file, share, and print services, server updates, and server management.