Ralf R.

Security Architecture & Automation

Belp, Switzerland

Experience

Feb 2024 - Oct 2025
1 year 9 months
Nuremberg, Germany

Security Architect

Bundesagentur für Arbeit

  • Analyzed the existing HashiCorp Vault installation and its covered use cases
  • Migrated the HashiCorp Vault clusters and adapted them to the BA’s PKI operations
  • Connected the Vault clusters to the BA’s third-party PKI
  • Planned and implemented Vault automation
  • Planned, implemented, and integrated Vault into the BA’s IAM system
  • Planned and implemented Vault protection with an HSM
  • Managed certificates and private keys in Vault
  • Highly automated the BA’s use cases
  • Administered Vault clusters
  • Technologies used: HashiCorp Vault Enterprise, Terraform, Ansible, openssl, PKI
Dec 2023 - Feb 2024
3 months
Munich, Germany

Vault CA Consultant

Xempus AG

  • Analyzed and assessed running Vault clusters
  • Advised on and created an internal root CA
  • Built a new state-of-the-art Vault cluster for intermediate CAs
  • Wrote product documentation compliant with ISO 27001
  • Provided general support on an IaC project (cloud migration)
  • Trained internal staff
  • Technologies used: Vault, Terraform, Ansible, openssl, PKI
Jun 2023 - Sep 2023
4 months
Essen, Germany

HashiCorp Nomad Consultant

E.ON SE

  • Supported the time-critical migration and integration of 16 Nomad clusters
  • Improved cluster availability and switched to TLS encryption
  • Provided comprehensive knowledge transfer on Nomad, Consul, Vault, Terraform, and Packer
  • Technologies used: Nomad, Consul, Vault, Terraform, Packer, Traefik, Amazon Web Services
May 2023 - Nov 2023
7 months
Stuttgart, Germany

Cloud Architect

Porsche AG (via Rackspace)

  • Designed an AWS landing zone and infrastructure for a 3D modeling software
  • Implemented it as infrastructure-as-code with Terraform
  • Technologies used: Terraform, Amazon Web Services, Elastic Kubernetes Service (EKS)
Oct 2022 - Jan 2023
4 months
Cologne, Germany

HashiCorp Terraform & Vault Expert

DEVK Deutsche Eisenbahn Versicherung AG

  • Supported building a PKI infrastructure with Vault OSS and Enterprise Plus
  • Pre-sales and integration of Vault OSS and Enterprise Plus
  • Designed and developed a Terraform backend for Vault provisioning
  • Technologies used: Terraform, Vault
Apr 2022 - Sep 2022
6 months
Bern, Switzerland

HashiCorp Terraform Integration Partner

T-Systems (Schweiz AG) / Schweizerische Bundesbahnen SBB

  • Developed core dynamic Terraform modules for Open Telekom Cloud
  • Created Packer templates for custom images of RHEL 7/8/9, Windows Server 2022/2019/2016
  • Technologies used: Terraform, Terraform Enterprise, Packer, Vault
Aug 2021 - Jun 2022
11 months
Gummersbach, Germany

Oracle Cloud Infrastructure Architect / Terraform Expert

Opitz Consulting Deutschland GmbH

  • Updated the production Terragrunt environment from Terraform OSS 0.12 to 1.0, about 450 state files with 1800 resources
  • Created an AS-IS analysis of the current Terraform environment including CI/CD processes
  • Refactored code
  • Designed and delivered a custom Terraform training program for the client’s staff
  • Technologies used: Terraform, Terragrunt, Packer, Ansible, Oracle Cloud Infrastructure, CI/CD toolset
Apr 2021 - Aug 2021
5 months
Bern, Switzerland

Head of Managed Cloud Services

Diso AG

  • Led the entire IT department after the CIO left the company
  • Designed and built business cases and migration scenarios for managed cloud services on Oracle Cloud Infrastructure
  • ISO 27001:2013 recertification
  • Managed about 90 department employees, reporting to the CEO
  • Part-time employment
Jun 2019 - Sep 2020
1 year 4 months
Bern, Switzerland

ICT Specialist

Eidg. Departement für Verteidigung, Bevölkerungsschutz & Sport

  • Designed and introduced full infrastructure automation at the Swiss Army Command Base (FUB)
  • Supported the shift from waterfall processes to agile project management
  • Provided general support for the “Renewal” projects & value streams
  • Technologies used: HashiCorp Packer, Terraform, Vault, Consul, DevOps, Scrum
Jan 2018 - Feb 2019
1 year 2 months
Frankfurt, Germany

Cloud Architect

BearingPoint Software Solutions GmbH

  • Designed & implemented continuous deployment with Terraform for Abacus 360 on Oracle Cloud
  • Designed and implemented the entire cloud architecture in OCI
  • Benchmarked and migrated IBM SoftLayer bare metal IaaS to OCI
  • Technologies used: CentOS 7, Terraform, Packer, Vault, Oracle Database, Oracle Cloud Infrastructure
Jan 2008 - Sep 2013
5 years 9 months
Bern, Switzerland

Senior UNIX Administrator

Swisscom (Schweiz) AG

  • Technical lead for the Operational Support Systems team, responsible for monitoring and 2nd-level support of about 65,000 network devices and servers for Swisscom’s large business clients
  • Operated 24/7 network management services and operational support systems and their underlying infrastructure (OS, DNS, LDAP, SNMP, TACACS, etc.)
  • Designed, built, and tuned a geo-redundant SAN, responsible for storage and servers up to the Fibre Channel switch, volume layout, benchmarking
  • Introduced geographic high availability for 300 servers with Solaris Cluster 3.2 (automatic failover)
  • Moved and modernized the department data center, including network zoning, OS, application, and hardware updates, and a virtualization concept for physical servers
  • Designed and implemented a release management process per ITIL v3 and ISO 30000 for the department
  • Participated in outsourcing projects for Credit Suisse and AXA Winterthur
  • Technologies used: Oracle Solaris 10, Red Hat Enterprise Linux 6, Solaris Cluster, DNS, LDAP, SNMP, TACACS, SAN/NAS, Git, cfengine, Solaris Zones, SPARC M3000 and M5000
Jan 2004 - Oct 2008
4 years 10 months
Karlsruhe, Germany

Senior Solaris Administrator

WEB.DE / 1&1 Internet AG

  • Sole technical responsibility for the business-critical Solaris systems of United Internet AG (parent of 1&1 Internet AG, GMX, WEB.DE, United Internet Media) and the advertising and profiling infrastructure, engineering and operating thousands of Apache web server farms
  • Consolidated the advertising systems of all subsidiaries under United Internet Media AG
  • Migrated WEB.DE’s data center into 1&1’s after the acquisition
  • Operated 45,000 physical servers for 1&1 and WEB.DE under Linux and Solaris 10
  • Introduced geographic redundancy for critical database backends with Sun Cluster 3.2
  • Modernized and migrated Sybase databases to a scalable x86 platform under Solaris 10
  • Implemented and operated WEB.DE homepages, portal servers, and SSL offloaders (Apache, CORBA, SUSE Enterprise Linux), about 1500 physical servers handling around 1 billion page impressions per month
  • Served as deputy IT portal team lead
  • Technologies used: SUSE Enterprise Linux 7–9, Debian Linux, Solaris 10, Sun SPARC and x64 hardware, Sybase, Apache 1.3 and 2.x, SSL, Oracle Database 8 and 9, Nagios, Solaris Cluster 3.2, J2EE Directory Server 5
Oct 2002 - Dec 2003
1 year 3 months
Karlsruhe, Germany

System Administrator, Freelancer

Diverse Auftraggeber

  • Project work for various clients in system administration and LAN setup
  • Technologies used: Debian Linux, SUSE Linux, Solaris 8, Windows 2000 Server, DNS, Apache 1.3, SSL
Sep 2001 - Sep 2002
1 year 1 month
Ettlingen, Germany

UNIX System Administrator

iXpoint GmbH

  • Worked in the system administration department of the IT service provider
  • Set up and maintained Solaris servers for business clients, including Condor / Thomas Cook, Birkel, Deutsche Flugsicherung
  • Built complex mail servers
  • Administered firewall systems
  • Technologies used: Solaris 8, Exim 4, Apache 1.3, Check Point Firewall 4.1 & NG
Jan 2000 - Aug 2001
1 year 8 months
Karlsruhe, Germany

System Administrator

Concept! Technology GmbH

  • Built and managed heterogeneous server farms
  • Technologies used: SUSE Linux 7.0, Microsoft Windows 2000 Server, Solaris 8, sendmail

Summary

I am a cloud architect and infrastructure automation specialist with over 25 years of experience in system engineering and IT operations.

My focus is on integrating and migrating complex cloud environments (OCI, AWS) and developing scalable automation solutions with the HashiCorp toolset (Terraform, Vault, Consul, Nomad, Packer) and the Red Hat Ansible Automation Platform.

I help companies transition from traditional IT infrastructures to dynamic, agile cloud architectures and modernize internal workflows.

In addition to technical expertise, I bring many years of experience leading critical transformation projects in regulated and high-security environments.

Languages

German
Native
English
Advanced

Education

Feb 1995 - Dec 1999

Technical University of Kaiserslautern

No degree · Technoinformatics · Kaiserslautern, Germany

Sep 1992 - Sep 1993

Technical University of Kaiserslautern

Computer Science · Kaiserslautern, Germany

Aug 1989 - Jul 1992

Staatliches Speyer-Kolleg

General university entrance qualification (Abitur) · Speyer, Germany

...and 1 more

Certifications & licenses

Oracle Cloud Infrastructure 2024 Certified Architect Associate

Oracle Cloud Infrastructure 2024 Generative AI Professional

AWS Certified Solutions Architect - Associate

Microsoft Certified: Azure Fundamentals

Vault: Certified HashiCorp Implementation Partner

Oracle Cloud Infrastructure 2021 Certified Cloud Operations Associate

Linux Foundation Kubernetes Fundamentals

HashiCorp Certified Consul Associate

HashiCorp Certified Vault Associate

Terraform: Certified HashiCorp Implementation Partner

Linux Foundation Certified Linux Administrator

HashiCorp Certified Terraform Associate

Oracle Certified Associate, Oracle Solaris 11

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions