Jitsi - Videoconferencing System with AI-Powered Simultaneous Translation (Prototype)

Set up and customize a containerized Jitsi instance for live speech recognition (VOSK) and automatic translation (LibreTranslate, LMU fairseq) in real time.

Developed and implemented a quantitative investment strategy using GPT-3.5 to analyze 20,000 earnings call transcripts from the 500 largest US companies over a 10-year period. Performed data analysis and backtests in Python and C#.

Developed the ZEISS Connected Quality Platform – an advanced solution for monitoring measurement systems, managing measurement plans and quality processes, and directly retrieving raw system data. My focus was on building the robust .NET infrastructure with features like Keycloak-based authentication, RabbitMQ messaging, MSSQL database management, deployment of Angular/React single-page applications (SPAs), TLS encryption, backup solution integration, monitoring, and support for operations on both Windows on-premises systems and Kubernetes clusters. The major challenge was making the platform run seamlessly across Windows on-premises and Kubernetes while also providing an optimal local development environment on Windows for efficient debugging and development.

• Set up various Kubernetes clusters:
• Designed and implemented isolated Connected Quality Platform instances in separate Kubernetes namespaces, provisioning infrastructure components (MSSQL, RabbitMQ, Keycloak, reverse proxy, Kubernetes dashboard, HashiCorp Vault).
• Developed missing components to enable a full CI/CD process and self-healing concept: SQL Server configurator (Bash), Kubernetes dashboard proxy for secure access (JavaScript), Kubernetes deployment status controller for the CI/CD pipeline.
• For different use cases, I set up fully automated Kubernetes clusters in several variations: 1) standard AKS with cloud resources, 2) Rancher K3s in Docker on Windows desktop, 3) K3s in an Ubuntu VM, 4) Windows Server VM with nested virtualization of an Ubuntu VM running K3s, 5) IoT Hub Edge cloud deployment, 6) Red Hat OpenShift as a potential self-hosted SaaS solution in the customer’s data center.
• Automated the container image build process (Docker, Podman, Buildah), built container images from scratch, created minimal images, debugged and tested to ensure functionality, and documented and maintained them for reusability and transparency.
• Implemented different deployment strategies:
• GitOps with Kustomize templates for various environments, Mozilla SOPS for encrypted secrets in the Git repository, and a custom GitOps operator for monitoring container registries for image tags and automated cluster deployment.
• Dynamic deployment via Octopus Deploy using Helm charts, generated automatically by the master pipeline with automated SemVer versioning on Git merge.
• GitOps deployment with FluxCD for improved automation and traceability.
• Proof-of-concept for an Internal Developer Platform (IDP) (Humanitec, score.yaml, Backstage).
• Developed a master CI/CD pipeline for 15 projects/services using Azure YAML pipelines:
• Uniform execution of source code builds (msbuild, npm, maven, docfx, pandoc), unit tests, security scans for CVE analysis (Black Duck) including FOSS SBOM generation, end-to-end tests (with Selenium and Playwright), and creation of nightly status reports in Microsoft Teams channels.
• Generated deployment scripts (Helm charts, Kustomize, Python, Jinja2, Bash, MSI installers) and set up a clear deployment interface via Octopus Deploy.
• Automated release versioning based on Git branches (main, features/, releases/) instead of manual, complex models like GitFlow or GitHub Flow.
• Maintained and later consolidated CI/CD platforms and technologies (GitLab, GitHub Actions, Tekton).
• Migrated projects into a mono-repository (Azure DevOps) and created sync mechanisms for a large parallel project (Atlassian) that later became part of the project.
• Automated creation of feature branch environments with the latest built versions.
• Improved performance through caching and skipping sub-pipelines.
• Developed a Windows installer for the entire Connected Quality Platform (approx. 10 services):
• Packaged all services with the WiX Toolset (Heat, Candle, Light), wrote custom C# actions for Windows service configuration, used the WiX template engine to create installation dialogs, and validated and installed certificates in the certificate store.
• Developed a Python-based CLI to optimize interaction with the mono-repository in local dev environments to improve developer experience (DevX):
• Python scripts to provide all dependencies for local development (Dotnet, MSSQL, Node.js, RabbitMQ, Java JDK) for quick onboarding of new team members and a unified local development setup in the corporate environment.
• Provided unified “build, configure, deploy” steps specifying relevant “targets” (projects) with the option to attach projects directly in debug mode from Visual Studio (Python, Jinja2 templates).
• Performance optimizations via caching build files by calculating MD5 hashes of project folders.
• Tested multiple methods to develop an effective local build system: Bazel was incompatible, PowerShell too error-prone, and Cake Build too slow.
• Infrastructure automation and implementation of Infrastructure as Code (IaC) concepts:
• Provisioned Azure resources (VMs, storage, databases, virtual networks, Key Vault, DNS zone, ACR webhooks, Logic Apps) using ARM/Bicep templates, Terraform, and Ansible.
• Provisioned Azure resources with the Crossplane framework and developed Kubernetes controllers to implement custom resource definitions.
• Operated Kubernetes clusters, Linux virtual machines, and Windows servers:
• Installed, configured, and maintained Linux systems, including server services like Apache and Nginx.
• Automated maintenance and admin tasks on Linux systems with shell scripts and Ansible.
• Implemented security measures and performed regular updates for hardening.
• Troubleshot and optimized system resources in Linux environments.
• Built a monitoring system with OpenTelemetry (logging, tracing, metrics) for Windows servers using Grafana, Loki, Prometheus, and Tempo. Created a dashboard with the four Golden Signals (Latency, Traffic, Errors, Saturation) and instrumented .NET and Angular applications.
• Created a “living” documentation with the docfx template engine, supported release note creation using the pandoc template engine (Markdown, LaTeX, HTML, PDF), and Docker scripts.
• As a member of the architecture team, I was repeatedly involved in areas like agile SCRUM-based software development, using Azure DevOps and Atlassian tools (Jira, Confluence) for efficient planning and execution.
• Implemented security standards and compliance in the software development process:
• Modernized secrets management by integrating HashiCorp Vault during the migration to OpenShift, complemented by developing a .NET configuration provider as a multi-external-secrets provider.
• Established SecOps practices: building container images from scratch, conducting code reviews to check container contents, integrating automated security scans into CI/CD pipelines to scan libraries for known CVEs, proactively preventing vulnerabilities with threat modeling, and remediating identified security issues.
• Created FOSS disclosures/licenses and software bills of materials (SBOMs) for compliance and software supply chain requirements.
• Designed and documented the planned backup and recovery strategy and disaster recovery for Kubernetes and Windows servers.
• Architected and implemented backend systems (databases, proxy, reverse proxy, web server):
• Implemented a Pub/Sub library for RabbitMQ in C# with custom attributes for API-controller-like usage, replacing the Dapr Pub/Sub client (via reverse engineering).
• Developed a Keycloak configurator in JavaScript with a custom DSL that allows dev teams to intuitively define "roles and permissions" and automate Keycloak configuration for increased efficiency and accuracy.
• Implemented a reverse proxy and single-page application web server in C# using the YARP library to reduce tech variety (replacing Traefik, Nginx, Apache) and secure connections with SSL certificates.
• Developed .NET project structures by implementing the cell architecture and ports-and-adapters pattern, supported by comprehensive testing paradigms like TDD and BDD with Gherkin, contract tests with Pact, and promoted domain-driven design (DDD) to align software architecture with complex business requirements for flexible, business-oriented solutions.

Extended the Microsoft System Center Configuration Manager (SCCM) to meet Daimler’s scale, supporting over 150,000 clients. When designing and developing a scalable and testable architecture, I focused on integrating the right technical components, including authentication via IWA and JWT, database integration with MSSQL, and RabbitMQ as a message bus. Introducing automated CI/CD pipelines and infrastructure automation was also a core part of my role.

• Implement automated DevOps processes and infrastructure management:
• Set up Azure DevOps CI/CD pipelines for automated builds, tests, and deployments.
• Manage the infrastructure stack: Windows Server 2019, Microsoft SQL 2019, IIS 10, .NET Framework 4.7.2, .NET Core 3.1, NuGet, RabbitMQ.
• Provision Azure resources (VMs, storage accounts, databases, virtual networks, Key Vault, DNS zone, ACR webhooks) using an Infrastructure as Code approach with ARM templates and PowerShell scripts.
• Software development in C# and JavaScript:
• Implement a cell-based and fractal architecture with middleware concepts and clear interfaces (Ports & Adapters).
• Optimize the software development process by:
• Introducing example mapping (requirements engineering), Gherkin acceptance tests (living documentation), and feature slicing (visual breakdown of technical features).
• Defining coding standards to improve code reviews and establishing pair programming for better knowledge transfer.
• Technologically refining system architectures for efficiency and cloud integration.
• Evaluating technologies for connecting the local system to the cloud, including self-hosted Azure APIM, Azure Functions, and Docker.
• Creating an interface between Windows-based local authentication (IWA) and cloud-based token authentication (JWT).
• Designing a modular and testable system based on cell architecture to reduce manual tests from 90% to 10%.

In my project at VIDEO OASE, a video marketing portal, I created a serverless proof of concept and used UX tools for prototyping to develop the portal’s structure in close collaboration with the client. I implemented core features like user registration, login and logout, password reset and change, protected routes, a simple search function, and a tool to import data from Excel.

• Built a search portal based on Google Firebase serverless technologies with JavaScript, React, Bootstrap, and PayPal.
• Developed core features, including user registration, login/logout, password management, route protection, simple search, a PayPal payment option, and an Excel data import tool.
• Collaboratively prototyped with the client using UX tools (Proto.io) to illustrate the user experience before actual development.

In my role as a developer on two projects for BALLUFF, a leading company in automation technology, I developed the test framework for an IO-Link device using C++ and Python and automated the required formal documentation to meet the demanding TÜV certification standards. In a separate project, I implemented the firmware for an Arduino board that enabled integration of RFID and barcode scanners.

• Implemented C/C++ unit tests (CppUnit) for the embedded C code of the IO-Link device.
• Improved error handling and implemented stress tests in Python; documented the test infrastructure with Doxygen, and set up and configured build jobs on Jenkins (Unix, Bash). This contributed significantly to the formal documentation needed to meet TÜV certification requirements.
• Rewrote the Arduino firmware by implementing a state machine and applying clean code practices.
• Integrated an RFID tag reader and a barcode reader by implementing the USB protocol and configuring both devices.
• Fixed software bugs on custom-designed and soldered Arduino boards.

For SYNATEC, I worked on a traceability software for automotive systems and developed features to manage XML files, improve event traceability, and handle increased message throughput. I identified and fixed memory leaks and crashes and integrated the fixes into the existing architecture, while measuring and optimizing system performance.

• Developed software in C/C++ and Qt to manage XML files, improve event traceability, and handle higher message throughput.
• Identified and fixed memory leaks and system crashes, integrated corrections into the existing architecture, and performed performance measurements.

Developed a platform for real-time tracking of TV commercials using modern technologies like C/C++, Go, Kafka, and PostgreSQL on Linux. During development, I encountered a critical bug in the form of a memory leak (integer overflow), which I analyzed in depth over three months. I used tools like Valgrind to locate memory leaks, gprof to identify performance bottlenecks, and system monitoring tools to observe CPU time and memory usage (caching, paging, swapping), ultimately fixing the issue and stopping a daily system crash. Setting up, configuring, and troubleshooting Linux servers was also part of my tasks (video tuner cards, smart card signal decryption).

• Implemented a "TV Video Cutter" for real-time tracking of TV ads (C, ffmpeg, pthreads).
• Implemented a dynamic ring buffer in C to handle streaming video data.
• Developed microservices and libraries in Go, including a store-and-forward client for distributed messaging (Kafka, Zookeeper, Sarama, PostgreSQL).
• Implemented the TVIB REST API for real-time triggers like banner synchronization in Go.
• Built browser applications for managing videos and client reports (Angular 1.0, Node, Express).
• Created a deployment system on Amazon AWS (Chef, Autotools, Docker).
• Set up video tuner cards and configured smart cards for signal decryption (Unix, Bash, C++, Python), and configured DVBlast for streaming multiple TV channels over TCP/IP.
• Administered Linux systems and improved system performance by locating memory leaks (Valgrind), identifying and fixing performance bottlenecks (gprof), and monitoring CPU time and memory usage (caching, paging, swapping).

In the startup SMOOSTER, I played a key role in advancing their content management system. I used modern technologies like Ruby on Rails and JavaScript to implement core features and integrate a robust authentication system. I also carried out frontend test automation and improved media distribution through efficient caching and content delivery networks (CDN). Additionally, I solved scaling issues and optimized the system for better search engine ranking (SEO).

• Developed new features for the "smooster" content management platform using Ruby, JavaScript, and MongoDB.
• Integrated an authentication system with Omniauth, REST, and AJAX.
• Applied Test-Driven Development (TDD) and Clean Code, including refactoring over 40% of the software to create clean views, thin controllers, normalized models, and follow REST principles.
• Expanded frontend test automation using RSpec and Selenium.
• Improved media distribution with efficient caching and content delivery networks (CDN) on Amazon AWS (Bash, Linux).
• Scaled customer websites through load balancing and conversion rate optimization using SEO via social media.

During my time as a Trainee and Windows Server Administrator at Siemens AG, I gained extensive experience in software development.

• Programmed microcontrollers using assembly and embedded C/C++, and implemented LCD drivers for C167 microcontrollers (16-bit, real-time operating system RTOS, CAN bus).
• Programmed and configured Siemens automation systems (SIMATIC S7).
• Operated and monitored over 100 Siemens servers, including managing Windows accounts, file, share, and print services, server updates, and server management.