Go to Website
  • en
  • de

Sebastian F.

Managing Director

Munich, Germany

Experience

Apr 2024 - Dec 2024
9 months

System Administration & DevOps

F-I-TS

  • Windows application migration
  • Windows Server 2022/2025, DHCP, Active Directory trust and reconfiguration, GPO management
  • Cloud service automation
  • Firewall/network management, debugging
Jan 2024 - Oct 2024
10 months

DevOps Engineer & Solutions Architect

SAB (Saxon Development Bank)

  • Linux application and OS operation (RedHat/Jenkins/JIRA/Bitbucket/Nexus/SonarQube)
  • Kubernetes support on a Kubeadm basis and OpenShift
  • Database support (PostgreSQL/Oracle)
  • Linux administration: OpenShift, Kubeadm, Docker, Docker Compose, Podman, containerization, Jenkins, Bitbucket, Jira, Confluence, GitLab, Nexus
Aug 2023 - Present
2 years 5 months

DevOps Engineer

Hessian Center for Data Processing (HZD)

  • Rancher, RKE2, Elastic Stack, Longhorn, HashiCorp Vault, GitLab, GitLab Runner, GitLab pipelines, GitLab API, Kyverno, OpenShift, Terraform, Ansible, shell scripting, Python scripting
  • Network management, software-defined networking
  • ITSM Remedy, VMware vCenter
Aug 2023 - Jan 2024
6 months

Linux / DevOps Engineer

Infineon Technologies AG

  • Windows/Linux Docker (container) build, CLI tools, OpenShift
  • Linux kernel/driver compilation
  • Automation for container integration
  • Horizon VDI automation
  • Tekton
Feb 2023 - Aug 2023
7 months

DevOps Engineer & Solutions Architect

Blacknet

  • Operation of OpenStack and Kubernetes platform
  • Platforms/tools used: Ceph storage, OpenStack Zed/Antelope, Kubernetes K3s and RKE2, ELK Stack, Nextcloud, ownCloud oCIS, GitLab (Community/EE)
Jan 2023 - Oct 2023
10 months

Security Architect / Engineer

Bundes-Cloud Access Management

  • PAM procedures and requirements management
  • Cloud-native PAM
  • Identity and Access Management (IAM)
Jan 2023 - Oct 2023
10 months

Network / DevOps Engineer

LBBW

  • Azure Cloud Networking, Azure CLI
  • IPSEC tunneling, tunnel encryption
  • Fortinet Fortigate and Checkpoint firewall, FortiAnalyzer and FortiManager
Jan 2023 - Jun 2023
6 months

Network / DevOps Engineer

ITSG

  • Support for Hashicorp Vault and OpenShift topics, Layer7 ingress routing
  • Automation of processes with Ansible/GitLab/Terraform
  • Pod Security Admission
  • Network Policies
  • Software-defined networking (Cisco ACI and VMware NSX)
  • mTLS with mutual authentication
  • Kubernetes multi-cluster solutions, Operator framework
Oct 2022 - Feb 2024
1 year 5 months

DevOps Engineer & Solutions Architect

BG Phoenics

  • Ansible deployment, creation of Ansible scripts
  • Installation and maintenance of AWX (Ansible Tower OSS)
  • Deployment of automated K3s Kubernetes services with Jenkins, Terraform, Ansible, Git (Bitbucket)
Jul 2022 - Sep 2023
1 year 3 months

Network / DevOps Engineer

FashionDigital/Peek-Cloppenburg

  • Google Cloud Platform, VMware vSphere 6.7 / 8.0
  • Migration of on-prem VMware environment to GCP VMware Hosted
  • Migration with VMware HCX
  • Network management with VMware NSX and NSX-T
  • Windows application migrations
  • Terraform builds on GCP, GitHub
Jul 2022 - Dec 2022
6 months

DevOps Engineer / Architect

Infineon Technologies AG

  • Definition, implementation, and setup of a deliverable Linux SW development environment for quick startup and system harmonization for all users (e.g., virtualization, containerization)
  • Automation and management of host types to apply defined configurations and orchestrations (Ansible, API, ...)
  • Analysis of various market options for software development virtualization (VirtualBox, Vagrant, etc.) regarding functionality, maintenance, and performance
  • Selection and implementation of client base images
  • Implementation and documentation of procedures to define self-managed IT base client images
  • Definition of an IT standard service for software teams to scale their Linux regression farms, including all connections to VM/VDI requests and management
  • Setup of a VM refresh, triggered by the user/CI for Windows clients, including support for Windows Docker and WSL2
Feb 2022 - Apr 2022
3 months

DevOps Engineer

DB Cargo

  • Migration of OpenShift application deployment from version 4.3 to 4.9
Jan 2022 - Jun 2022
6 months

DevSecOps Engineer

CompuGroup Medical

  • Implementation of a service mesh using Istio
  • Setup of an ELK stack with security (SSL/TLS) to provide Elasticsearch security and new APM functionality
  • Deployment of the ELK stack on k8s
  • Config maps, ArgoCD deployment, demo deployment
  • Implementation and demo of HashiCorp Vault
  • Design and build of development systems with Helm charts
Nov 2021 - Feb 2022
4 months

DevOps Engineer

1&1 / IONOS

  • Proxmox virtualization, Debian Linux, CLI tools, Ceph, Ansible automation
  • Tekton
Feb 2021 - Sep 2021
8 months

DevOps Engineer + Architect

NordLB

  • Kubernetes architecture, Layer 7 ingress routing
  • CI/CD automation, GitLab, GitHub
  • Implementation of HashiCorp Vault with Kubernetes external secrets
  • IT security mitigation in Kubernetes setup
  • Azure architecture, Azure cloud migration to on-premise Kubernetes
  • Gardener
  • Pod Security Admission, Kyverno
  • CLI tools
Feb 2021 - Jun 2021
5 months

Network & Linux System Engineer

Unbelievable Machine

  • Juniper SRX and Juniper switches
  • GitOps with ArgoCD, Harbor, Kafka
  • Fortinet Fortigate firewall management and configuration
  • FortiAnalyzer and FortiManager
Nov 2020 - Aug 2021
10 months

DevOps Engineer

DTAG (Deutsche Telekom)

  • Implementation of CI/CD pipelines, Ansible, AWX/Ansible Tower, CLI tools GitLab CI/CD, Jenkins/BlueOcean, Docker, Docker Compose
  • Kubernetes RKE setup
  • Deployment automation with Ansible/Helm, AWX/Ansible Tower
  • Creation and updating of solution and service concepts according to the Service Development Framework (SEF and EPDF)
  • Collaboration in aligning, describing, and approving solution and service concepts with the operating units and their service architects
  • Collaboration in deriving a solution approach and a service interface
  • Collaboration in deriving and executing solution tests, as well as preparing solution deployments and any migrations
  • Collaboration in deriving and executing service requests for change (RfCs) up to service acceptance according to Ready4Service
  • Database design
Sep 2020 - Jul 2022
1 year 11 months

DevSecOps Engineer

Allianz Technology, PKI

  • Development and implementation of ACME2 service and HashiCorp Vault plugins
  • HashiCorp Vault cloud management and automation
  • ServiceNow, CMDB
  • DogTag PKI, Boulder CA, Go development, Kubernetes/Rancher, Docker, Docker Compose, architecture
  • Collaboration in aligning, describing, and approving solution and service concepts with the operating units and their service architects
  • Collaboration in deriving a solution approach and a service interface
  • Collaboration in deriving and executing solution tests, as well as preparing solution deployments and any migrations
  • Collaboration in deriving and executing service requests for change (RfCs) up to service acceptance according to Ready4Service
  • xWiki, database design, CMDB
May 2020 - Sep 2020
5 months

Network / System Architect

IBM ePA

  • System architecture, network management, project organization, IT security
  • Keycloak, multi-cluster Kubernetes/IBM Cloud, CLI tools, Puppet, Layer7 ingress routing, Operator Framework
  • Pod Security Admission
  • Juniper SRX firewall, network policies and IKS (IBM Kubernetes Service) cluster management and IT security/infrastructure architecture
  • HCI, SDDC, vSAN, NSX
  • Software-defined networking (Cisco ACI and VMware NSX)
  • mTLS with mutual authentication
  • Harbor, Git, GitOps with ArgoCD
  • IBM Rational Synergy
  • JSON, YAML
  • Setup, maintenance, and operation of CI/CD and continuous deployment pipelines for Java
  • Shell, Python, and Perl programming
  • Proxmox, CMDB
  • Package manager: apt, yum, zipper
  • Identity and access management (IAM)
Mar 2020 - Nov 2020
9 months

Network Engineer + SRE Engineer

Verivox

  • Fortinet Fortigate administration/configuration, FortiAnalyzer, FortiManager, and F5 load balancers
  • HashiCorp Vault
  • Network management based on SDN
  • Logstash/Kibana
  • Google Cloud
Feb 2020 - Apr 2023
3 years 3 months

System & Network Administrator & Solutions Architect

Precigen Bioinformatics Germany GmbH (PBG)

  • Elastic Search, Windows system administration, system infrastructure and architecture
  • Network management, IT security, IDS/IPS
  • Linux, Tomcat system administration
  • Docker, Docker containers, Kubernetes, Ansible, OpenShift
  • NetApp MetroCluster cDot and 7-Mode, EMC Isilon storage systems
  • Linux engineer, RHEL, 2nd/3rd level support
  • HCI, SDDC, vSAN, NSX
  • PAM procedures and requirements management, cloud-native PAM
  • Proxmox, Citrix XenServer, Citrix XenApp, Citrix VDI
  • Checkpoint, Jitsi/Jibri, xWiki
  • Database design
  • Firefox configuration via policies, deployment automation and SCCM distribution
  • VMware NSX / software-defined networking skills
  • Trend Micro Deep Security: maintenance, updates, installation, configuration and support tickets including VMware NSX topics
  • HashiCorp Vault
  • Harbor, Git, GitOps with ArgoCD
  • Building, maintaining and operating CI/CD and continuous deployment pipelines for Java
  • Java programming, XML, CMDB
  • Sonatype Nexus, SonarQube
  • PHP and JavaScript programming
  • Package managers: apt, yum, zypper, CLI tools
Dec 2019 - Mar 2020
4 months

Network & Security Engineer

Vermop Salmon GmbH

  • NetApp MetroCluster cDot and 7-Mode
  • Network management, planning, configuration and documentation of concepts with Cisco and NetExtreme switches/APs and firewalls
  • Management of Cisco ASA, Cisco NG firewalls and Checkpoint hardware
  • Cisco SD network management (ACI)
Sep 2019 - Nov 2019
3 months

Cloud & DevOps Engineer

Donner und Reuschel

  • Zscaler integration/Azure cloud migration, Azure cloud on-premises
  • McAfee WebGateway, Checkpoint
Jul 2019 - Dec 2020
1 year 6 months

System & Security Administrator

STEP

  • Server support, network management
  • Support for Server 2012(R2)/Exchange 2010/Hyper-V 2012R2 (failover cluster)
  • PowerShell, SCCM
  • SonicWall NSA 220 firewall
  • Security monitoring (penetration testing)
  • Server monitoring with Zabbix
  • Active Directory planning/design and implementation
  • System infrastructure and architecture
  • OS patching
May 2019 - Mar 2023
3 years 11 months

DevOps Engineer & Solutions Architect

DB Netz AG

  • Ansible, Ansible Tower
  • Load balancers (loadbalancer.org, HAProxy, Nginx, Routed)
  • Kubernetes multi-cluster solutions, Puppet, Operator Framework
  • JSON, YAML
May 2019 - Oct 2019
6 months

DevOps Engineer + Linux System Engineer

Robert Bosch

  • Kubernetes services, Layer 7 Ingress routing
  • Jenkins, Docker, CI/CD pipeline, Ansible, architecture
  • OpenShift
  • Virtualization, Linux architecture and engineering, RHEL, CLI tools
May 2019 - Sep 2019
5 months

Security Architect & DevOps Engineer

Airplus Servicekarten GmbH

  • Microsoft Azure cloud implementations, Azure architecture, migration on-premise to Azure cloud, Azure CLI, AKS (Azure Kubernetes services)
  • PKI (ISTIO, EJBCA, Microsoft PKI), PCI compliance, documentation
  • Jenkins implementation, Terraform, Terraform Azure, IT security consulting
  • Fortinet, HashiCorp Vault
  • Monitoring with Prometheus / CheckMK, Logstash / Kibana
  • System infrastructure and architecture
  • Linux engineer, CLI tools, RHEL, 2nd/3rd level support
  • McAfee Web Gateway
Mar 2019 - Present
6 years 10 months

DevOps Engineer & Solutions Architect / Architect

ITZBund

  • Setup, maintenance, operation of CI/CD and continuous deployment pipeline
  • CLI tools, Java, Jenkins
  • Kubernetes multi-cluster management with ICP (IBM) and OCP (Red Hat), Gardener, Layer 7 Ingress routing
  • Docker, Docker containers, Puppet, OpenShift
  • Automation of processes with zOperator framework
  • Apache Maven
  • Azure architecture, on-premise Azure cloud
  • PAM procedures and requirements management, cloud-native PAM
  • Creation of Helm charts and repository management (Helm charts / container images) with Harbor
  • Atlassian JIRA/Confluence, Git, GitOps implementation with Argo CD
  • Tekton
  • Java and JavaScript programming, XML, JSON, YAML, Groovy scripting
  • Kyverno
  • Sonatype Nexus, SonarQube, Trivy
  • BSI basic protection
  • Identity and access management (IAM)
  • Geo-redundancy
  • Logstash / Kibana
  • Linux engineer, RHEL, 2nd/3rd level support
  • Database design
  • Network policies
Oct 2018 - Feb 2020
1 year 5 months

SysAdmin & DevOps Engineer & Solutions Architect

Intrexon Biotechnology Germany GmbH (IBG)

  • CMDB, Elastic Search
  • System administration, system infrastructure and architecture
  • Network management, IT security
  • Linux system administration, Linux engineer, RHEL, packaging Debian packages
  • Windows and Apple Mac administration
  • VoIP with FusionPBX and Asterisk
  • Firewall administration based on pfSense
  • Debugging and adjusting Active Directory configuration, PowerShell
  • Migration of AD to Server 2008 R2, connecting Mac/Windows/Linux clients to AD 2008 R2
  • Setup / installation / configuration of LDAP based on OpenLDAP
  • Firefox configuration via policies, deployment automation and SCCM distribution
  • Penetration testing
  • NetApp MetroCluster cDot and 7-Mode and EMC Isilon storage systems
  • Security review and hardening of the network, data protection compliance review
  • Implementation of a Windows-based PKI on Server 2008 R2
  • JBoss, GlassFish, Jenkins, Tomcat
  • Virtualization based on KVM
  • Test runs with IBM Tivoli Identity Management (ITIM), Dell/Quest Identity and Access Management (IAM), ForgeRock OpenIDM/OpenDJ
  • Docker implementation for software encapsulation
  • Nova, Cinder, OpenStack / cloud implementation, Azure cloud, Azure architecture
  • On-premise migration to AWS
  • Chef server deployment implementation
  • Puppet environment, Ansible and script-based automation
  • PAM procedures and requirements management, cloud-native PAM, CLI tools
  • Security review and hardening of the network, penetration testing, IDS/IPS, Metasploit / Wireshark / OpenVAS, DefectDojo, Docker implementation
  • Monitoring with Zabbix / ELK stack / Prometheus
  • 2nd/3rd level support, Cisco SDN network management (ACI)
  • HCI, SDDC, vSAN, NSX
  • Database design
  • VMware NSX / software-defined networking skills
  • Trend Micro Deep Security: maintenance, updates, installation, configuration and support tickets including handling VMware NSX topics
  • PHP programming
  • Package managers: apt, yum, Zypper
May 2018 - Nov 2018
7 months

DevOps Engineer

Automotive BMW

  • Ansible, OpenShift, Nova, Cinder, OpenStack, REST API
  • Shell and Python programming, automation and Elastic Search
  • ForgeRock stack OpenIDM / OpenAM / LDAP
  • Database design
Mar 2018 - Jul 2018
5 months

Storage Engineer

Bausparkasse Schwäbisch Hall

  • Adapt Icinga and Icinga plugins for Hitachi storage
  • NetApp Metro Cluster cDot and 7-Mode and EMC Isilon storage systems
Jan 2018 - Jun 2018
6 months

Network & DevOps Engineer

ITZ Bund

  • OpenShift deployment, Kubernetes
  • Backend cloud computing / micro-services via containerization
  • JSON, Yaml
  • Nova, Cinder, OpenStack, vCenter/KVM virtualization
  • Ansible automation, CLI tools, Docker, Docker containers
  • Helm, Harbor, GitOps with ArgoCD, Atlassian Jira
  • Linux Support, Networking
  • Prometheus/Zabbix monitoring, F5 load balancer configuration
  • Elastic Search
  • AppSene DesktopNow Plus, Ivanti Workspace Manager
  • PAM procedures and requirements management, cloud-native PAM
  • Tekton
  • Linux Engineer, RHEL, 2nd/3rd Level Support, CISCO SDNetwork Management (ACI)
  • Logstash / Kibana
  • BSI baseline protection
  • Identity and Access Management (IAM)
Oct 2017 - Oct 2017
1 month

Network & DevOps / Server Engineer

Cataneo GmbH

  • Cisco ASA FW, Puppet, Tomcat, Apache, Apache Maven
  • Proxmox KVM virtualization, Linux CentOS
  • AWS cloud implementation / automation
  • JSON, Yaml
Sep 2017 - Aug 2018
1 year

DevOps Engineer

VW: Data Science

  • Platform migration to the Open Telekom Cloud
  • System and IT security architecture: planning, customization, and implementation concept
  • Creation of architecture documentation according to TOGAF
  • Creation and updating of solution and service concepts according to the Service Development Framework (SEF and EPDF)
Jun 2017 - May 2018
1 year

DevOps & System Administration

Deutsche Post

  • Cassandra and MySQL configuration and performance optimizations in a cloud environment
  • Puppet, Elastic Search
  • Analysis of monitoring with Grafana and Graylog
  • JSON, Yaml
Jun 2017 - Jun 2017
1 month
Munich, Germany

Network & System Administration & Solutions Architect

4C München

  • Participation in a four-week Baramundi training
  • Support for Baramundi Application, Deployment / Patch Management project
  • McAfee WebGateway, Check Point
  • AWS cloud implementation / automation
  • Citrix XenServer, Citrix XenApp, Citrix VDI
  • Zscaler configuration and SCCM
  • Firefox configuration via policies, deployment automation and SCCM distribution
  • AirWatch
  • Extreme / Enterasys switch network management, NetSight
  • Cognos BI and Cognos Analytics administration
  • JITSI / JIBRI
  • VMware NSX / software-defined networking knowledge
Jan 2017 - Jun 2018
1 year 6 months

Network & DevOps Engineer

ITDZ Berlin

  • OpenShift deployment, Kubernetes multi-cluster, Operator Framework
  • Backend cloud computing / microservices via containerization
  • Nova, Cinder, OpenStack, vCenter/KVM virtualization
  • Ansible automation, Docker, Docker containers
  • Helm, Harbor, GitOps with ArgoCD, Atlassian Jira, Logstash / Kibana
  • Linux support, networking, software-defined networking (e.g. Cisco ACI Fabric)
  • Prometheus/Zabbix monitoring, F5 load balancer configuration
  • Elasticsearch
  • AppSense DesktopNow Plus, Ivanti Workspace Manager
  • Linux engineering, CLI tools, RHEL, 2nd/3rd level support, Cisco SD Network Management (ACI)
  • Database design, Keycloak
  • JSON, YAML
Dec 2016 - Dec 2016
1 month

Network, Security & Solutions Architect

InterWorXs GmbH

  • Network and server support, DDoS protection
  • Linux/Unix, CLI tools, FreeBSD
  • Cisco ASA, Catalyst switches, NAS/iSCSI storage
  • OpenX administration and performance tuning
  • NetApp MetroCluster cDot and 7-Mode and EMC Isilon storage systems
  • Sophos UTM, Sophos Mobile Control
  • Security hardening at Linux and kernel level
  • Customizing and configuring (compiling) the Linux kernel
  • JBoss, Apache, Apache Maven
  • English communication with developers from India and Pakistan
  • KVM-based virtualization, Nova, Cinder, OpenStack installation / management
  • Docker implementation for software solutions
  • Chef server implementation, creating a private cloud
  • Research and testing with AWS regarding service offloading (modularity / flexibility / cost)
  • Splunk implementation / test runs
  • Check Point firewall configuration and automation, Kafka
  • System / infrastructure architecture, MOD Security
  • JITSI/JIBRI, AirWatch
  • Zabbix monitoring and Icinga
  • Linux engineering, RHEL, 2nd/3rd level support
Jun 2016 - Apr 2017
11 months

DevOps & Linux Engineer

IBM / Talanx

  • Working based on ITIL
  • Red Hat Enterprise Linux 6.x / 7.x (RHEL), Red Hat IdM
  • Commvault, Git (GitLab), CLI tools, Harbor, IBM Rational Synergy, CMDB, RES Automator, SCCD / Maximo
  • Bash / Perl / Python / Jython programming, JSON
  • Puppet, Jenkins, Chef server infrastructure, Ruby/Chef cookbook development
  • VCO (VMware Orchestrator), vRealize deployment / automation
  • HCI, SDDC, vSAN, NSX
  • Nova, Cinder, OpenStack development / implementation
  • Check Point firewall configuration and automation
  • System / infrastructure architecture
  • Zscaler configuration
  • Zabbix monitoring
  • 2nd / 3rd level support
  • Domino and Lotus Notes
  • Shell, Python and Perl programming, GitOps with ArgoCD
  • Building, maintaining, operating CI/CD and continuous deployment pipeline for Java
  • Package managers: apt, yum, zipper
Jan 2016 - Oct 2016
10 months

System & Security Admin

Barmherzige Brüder Reichenbach

  • Firewall and IT security consulting/support for Juniper SRX firewall
  • Connecting Reichenbach to various other Barmherzige Brüder locations with different hardware (Sophos UTM, Sophos Mobile Control, Check Point firewall, Palo Alto firewall, WatchGuard, different L3 routers – HP, Cisco, etc.)
  • Troubleshooting and setting up Skype for Business configuration and security
Mar 2015 - Apr 2019
4 years 2 months

DevOps & Network Engineer & Service Offering Manager

IBM / Allianz

  • System / infrastructure architecture
  • SOM (Service Offering Manager), team leader, software tester
  • Tasks with Remedy and SM7 as ticketing systems, working based on ITIL
  • Linux engineer, CLI tools, RedHat IdM, RedHat Enterprise Linux (RHEL)
  • JBoss 5/6, Apache 2.4, Maven
  • Commvault, shell and Python scripting, Git, Subversion, Helm, Harbor, GitOps with ArgoCD
  • IBM Rational Synergy, CMDB
  • RedHat JON Manager / Server / Client, JBoss / Apache development
  • Puppet, Jenkins, Terraform, RES automation
  • AppSene DesktopNow Plus, Ivanti DSM, Workspace Manager, SCCD/Maximo, JBoss Manager, MRPX
  • Apache, Apache Maven
  • vFiler/NetApp and EMC Isilon storage systems
  • Bash / Perl / Python / Jython scripting, JSON
  • IBM Tivoli Monitoring (ITM) / Bluecare and IBM Tivoli Identity Management (ITIM)
  • Citrix XenServer, Citrix Xen App, Citrix VDI
  • VCO (VMware Orchestrator), vRealize deployment / automation
  • Nova, Cinder, OpenStack development, Jenkins, Chef Server development
  • AWS cloud implementation / automation, AWS pattern architecture
  • Backend cloud computing / microservices via containerization
  • software-defined networking (CISCO ACI and VMware NSX)
  • Fortinet FortiGate, FortiAnalyzer, FortiManager, Checkpoint firewall configuration and automation
  • shell, Python, PHP and Perl scripting
  • Netscaler configuration, ElasticSearch
  • NetApp MetroCluster cDOT and 7-mode, AirWatch
  • 2nd/3rd level support
  • Domino and Lotus Notes
  • HCI, SDDC, vSAN, NSX, xWiki
  • HashiCorp Vault, Keycloak
  • setup, maintenance and operation of CI/CD and continuous deployment pipeline for Java
  • package managers: apt, yum, zipper
  • identity and access management (IAM)
Mar 2014 - Jul 2019
5 years 5 months

Network & System Admin

Gruppe Nymphenburg Team Schuster GmbH

  • server support, network management
  • management of Server 2012(R2) / Exchange 2010 / Hyper-V 2012 R2 (failover cluster)
  • PowerShell, SCCM
  • SonicWall firewall NSA 220
  • security monitoring (penetration testing)
  • server monitoring using Zabbix
  • Active Directory planning, design and implementation
  • system architecture and infrastructure
Mar 2014 - Dec 2014
10 months

System Administrator

Merkur / TZ

  • implementation and installation of Linux on CentOS / RedHat basis
  • connecting Linux and LDAP via PAM interface
  • setup of GIT version control system and Git, GitLab
  • implementation, installation and creation of a mail gateway appliance based on Postfix / AMAVIS / SpamAssassin (used elements: ClamAV, AVG, Procmail, CBPolicyd, Amavis, SpamAssassin, various blacklists), including test runs and replacement of the old system
  • LVM management, DNS (Bind), DHCP, Apache/Nginx
  • configuration of Solaris systems
  • Jenkins, JBoss, Tomcat, Icinga / Nagios management / configuration
  • Docker installation / setup / management
  • IBM Tivoli Identity Management (ITIM)
Oct 2013 - Oct 2018
5 years 1 month

Infrastructure & DevOps Engineer & Solutions Architect

Genomatix GmbH/AG

  • system / infrastructure architecture, ElasticSearch, Talend, system administration
  • network management, IT security
  • Linux system administration, Linux engineer, RedHat IdM, RHEL packaging, Debian packages, CLI tools
  • Windows and Apple macOS administration
  • VoIP with FusionPBX and Asterisk
  • firewall administration using PFSense
  • debugging and adjusting Active Directory configuration
  • migration of AD to Server 2008 R2, connecting macOS / Windows (Chocolatey) / Linux clients to AD 2008 R2
  • connecting / installing / configuring LDAP on OpenLDAP basis
  • PowerShell, SCCM
  • Firefox configuration via policies, deployment automation and SCCM distribution
  • penetration testing
  • NetApp MetroCluster cDOT and 7-mode, and EMC Isilon storage systems
  • security review and hardening of the network, data protection compliance check
  • implementation of a Windows-based PKI on Server 2008 R2
  • JBoss, GlassFish, Jenkins, Tomcat
  • virtualization on KVM basis
  • test runs with IBM Tivoli Identity Management (ITIM), Dell/Quest Identity and Access Management (IAM), ForgeRock OpenIDM / OpenDJ
  • Docker implementation for software containerization
  • Nova, Cinder, OpenStack / Azure cloud implementation and deployment, Kubernetes
  • Azure cloud, on-premise migration to AWS
  • Chef server deployment implementation
  • Puppet environment
  • monitoring with Zabbix / Icinga / ELK stack
  • Ansible and script-based automation
  • network security review and hardening, penetration testing, IDS/IPS, Metasploit / Wireshark / OpenVAS, DefectDojo
  • Docker implementation, Docker containers, OpenShift
  • ModSecurity, AirWatch
  • 2nd/3rd level support
  • HCI, SDDC, vSAN, NSX
  • Jitsi/Jibri
  • Trend Micro Deep Security: maintenance, updates, installation, configuration and support tickets including handling VMware NSX topics
  • Atlassian JIRA / Confluence
  • HashiCorp Vault
  • setup, maintenance and operation of CI/CD and continuous deployment pipeline for Java
  • Sonatype Nexus, SonarQube, XML, CMDB
  • package managers: apt, yum, zipper
Oct 2013 - Feb 2014
5 months

System Administrator

Leiter & Cie GmbH

  • implementation of an LDAP infrastructure on OpenDC basis
  • integration of LDAP into web servers, firewall hardware and various web applications
  • OpenDJ, Splunk evaluation
Apr 2013 - Sep 2023
10 years 6 months
Munich, Germany

System/Network/Security Engineer

Krankenhaus der Barmherzigen Brüder (KBBM)

  • Astaro firewall implementation and migration from Symantec Enterprise Firewall V8.0
  • Network, server and user support, network infrastructure based on fiber connection
  • Security analysis, penetration testing, Linux kernel and system hardening, troubleshooting
  • Citrix XenServer, Citrix XenApp, Citrix VDI
  • Active Directory and Exchange integration errors (cleanup), upgrading Active Directory from 2003 to 2008 R2, migrating Exchange from 2003 to 2010
  • Migration of Astaro FW GateDefender 425 to Sophos UTM 425, Sophos Mobile Control
  • Penetration testing and security analysis with Metasploit, Wireshark, OpenVAS, Nessus, various tools and custom Python programming and scripts
  • JBoss, Tomcat, Jetty, Jenkins, WebSphere, Splunk
  • Onboarding for service takeover
  • System/infrastructure architecture
  • Netscaler configuration, AirWatch
  • Extreme/Enterasys switch network management, Netsight
  • HCI, SDDC, vSAN, NSX
  • VMware NSX/software-defined networking knowledge
  • TrendMicro DeepSecurity: maintenance, updates, installation, configuration and support tickets including handling VMware NSX topics
Oct 2012 - Apr 2017
4 years 7 months

SysAdmin & Security Engineer

Gesellschaft für Internationale Zusammenarbeit GmbH (GIZ)

  • SonicWall configuration, VPN setup, gateway creation, server configuration
  • Tunnel encryption
  • Linux system replication (HA)
  • Setup and configuration of LDAP infrastructure and authentication / firewall integration
  • Implementation of a PKI using EJBCA as the root CA and Windows (2008 R2, 2012 R2) as subordinate CA
  • Deployment of PKI certificates across the entire company infrastructure to the required branches
  • Evaluation of IBM Tivoli Identity Management (ITIM) and Dell/Quest Identity and Access Management (IAM)
  • Docker implementation for in-house Java development for SMS broadcast distribution
  • Splunk implementation (customization, configuration)
  • Java and JavaScript programming, XML
Sep 2012 - Sep 2012
1 month
Dubai, United Arab Emirates

Lecturer

Gesellschaft für Internationale Zusammenarbeit GmbH (GIZ)

  • Conducting a training/introductory workshop (SonicWall N240)
Jun 2012 - Jun 2012
1 month

Network & Security Admin

IC Consult GmbH

  • Juniper firewall and VPN appliance SA 700
  • Windows Server environment
  • Linux (Debian, CentOS, RedHat, Ubuntu, SELinux), Solaris (Sun Blade)
  • Cisco ASA 5501, Astaro Firewall SG240
  • Atlassian JIRA/Confluence, OpenVPN
  • SSL certificate creation and CA management, tunnel encryption
  • DATEV (TS setup)
  • PKI on EJBCA and Windows certification authorities based on Windows 2008 R2 and 2012 R2
  • Kernel customization, kernel compilation and hardening, configuration of kernel-based auditing functions
  • Upgrading Active Directory structure to Server 2008 R2 / 2012, Group Policy configuration based on 2012 AD
  • LDAP implementation using OpenDC and OpenLDAP
  • Penetration testing and security analysis with Metasploit, Wireshark, OpenVAS, Nessus and many other tools and custom Python scripts
  • IBM Tivoli Identity Management (ITIM), Dell/Quest Identity and Access Management (IAM), ForgeRock OpenIDM/OpenDJ
  • Nova, Cinder, OpenStack implementation, Azure cloud offloading support
  • Zscaler configuration
Apr 2012 - Apr 2013
1 year 1 month

SysAdmin & Programmer

Bücher.de

  • Bash/PHP programming, scripting
  • Web server, MySQL and Oracle administration
Apr 2012 - Apr 2012
1 month

System & DevOps Engineer

Patient Assistance Association

  • Creating RPM packages and performing compatibility checks
  • Maintaining servers and systems, upgrading from CentOS 5.8 to CentOS 6
  • Creating a CentOS 6 base template machine
  • Setting up a new ICINGA instance based on V1.11.0, originally from 1.0.x
  • Configuring Astaro firewall (site-to-site VPN, routing, mail security, firewall rules, NAT)
  • Compiling the kernel, hardening the system and kernel, compiling and customizing drivers
  • Writing and creating Bash, Perl, and Python scripts
  • Implementing SVN with AD integration
  • Installing and maintaining Subversion, Icinga, Apache, Postfix, and vCenter (vSphere)
  • Configuring and implementing Subversion with LDAP authentication
  • Installing, configuring, and managing Icinga/Nagios
  • JBoss, Websphere
  • Implementing a Chef server and comparing it with a Puppet environment, deploying the Chef server environment
Apr 2012 - Apr 2012
1 month

Project Consultant

Sebastian Fohler

  • Installing automated DNS servers on a Linux (Debian) base
  • Recovering a dedicated Windows Server 2008 R2 (SVN, JIRA, Fisheye, MSSQL, MySQL)
  • Setting up a new system and backup
Oct 2011 - Apr 2012
7 months

Project Consultant

Sebastian Fohler

  • Rolling out Windows 7 and full disk encryption using DriveLock
Apr 2011 - Dec 2016
5 years 9 months

SysAdmin & Linux Engineer

Perfect Staff GmbH

  • Setting up HA storage based on SLES 10 with Heartbeat
  • Compiling Linux drivers and customizing the base kernel
Apr 2011 - Sep 2011
6 months
Munich, Germany

Infrastructure & Network Engineer

Hospital of the Merciful Brothers (KBBM)

  • Implementing or migrating the Astaro firewall from Symantec Enterprise Firewall V8.0
  • Network, server, and user support; network infrastructure based on fiber links
  • Security analysis, penetration testing, IDS/IPS, Linux kernel and system hardening, troubleshooting
  • Citrix XenServer, Citrix XenApp, Citrix VDI
  • Cleaning up Active Directory and Exchange integration issues, PowerShell
  • Upgrading Active Directory from 2003 to 2008R2, migrating Exchange from 2003 to 2010
  • Migrating Astaro FW GateDefender 425 to Sophos UTM 425, Sophos Mobile Control
  • Performing penetration testing and security analysis using Metasploit, Wireshark, OpenVAS, Nessus, and many other tools, including custom Python scripts
  • JBoss, Tomcat, Jetty, Jenkins, Websphere, Splunk
  • Getting up to speed for service takeover
  • System and infrastructure architecture
  • Configuring NetScaler, AirWatch
  • Managing Extreme/Enterasys switch networks with NetSight
  • HCI, SDDC, vSAN, NSX
  • VMware NSX and software-defined networking knowledge
  • TrendMicro Deep Security: maintenance, updates, installation, configuration, and support tickets, including VMware NSX-related issues
Jan 2011 - Sep 2011
9 months

Project Consultant

Sebastian Fohler

  • Planning and design of a Windows 7 client (Office 2010)
  • Preparing deployment using MS WDS/MDT and DriveLock
Oct 2010 - Dec 2014
4 years 3 months
Munich, Germany

System Administration

Ximantix GmbH

  • Windows Server 2003/2008/R2, Windows 7/XP clients
  • Hyper-V virtualization
  • ISA Server 2006
  • Active Directory design and setup
  • JBoss management
Sep 2010 - Jun 2021
10 years 10 months

Network & System Administration

Nick Hartmann Consultants GmbH & Co. KG

  • Network and server support
  • Cisco ASA, Windows Server 2008, Exchange 2007, HP switches
  • Windows Server 2008/R2, Windows 7/Vista/XP clients, Exchange 2007, SCCM, PowerShell
  • Firefox configuration using policies, deployment automation and SCCM distribution, Chocolatey
  • PowerShell, Cisco ASA, Panda Antivirus, Trend Micro Antivirus
  • VMware Server/ESXi, Hyper-V
  • Migration from Windows XP and Server 2003 to Windows 7 and Server 2008/Exchange 2007
  • SQL Server 2005
  • Active Directory migration and redesign based on Windows Server 2012 R2
  • Hyper-V failover/replica setup
  • JBoss on Windows
  • System/infrastructure architecture
  • AD planning/implementation, migrating AD from 2008 to 2012/R2, clean-up of Server 2008 AD implementation after migration to 2012 R2
  • Configuration of Astra phone system
  • Exchange cross-forest migration (migrating from an old broken domain/forest into a newly created one by exporting and importing databases, adjusting Exchange settings for the domain/forest)
  • Splunk evaluation
  • AirWatch
Sep 2010 - Dec 2016
6 years 4 months
Spain

Network & System Administration

Crossworxs S.L.

  • Network and server support
  • Linux/Unix, FreeBSD
  • Cisco ASA, Catalyst switches
  • NAS/iSCSI storage
  • OpenX administration and performance tuning
  • NetApp MetroCluster cDot and 7-Mode and EMC Isilon storage systems
  • Sophos UTM, Sophos Mobile Control
  • Security hardening at Linux and kernel level
  • Customizing and compiling Linux kernels
  • DDoS protection
  • JBoss, Apache
  • English communication with developers from India and Pakistan
  • KVM-based virtualization, Nova, Cinder, OpenStack installation/management
  • Docker implementation for software solutions
  • Chef server implementation, building a private cloud
  • Research and testing with AWS for service offloading (modularity/flexibility/costs)
  • Splunk implementation/test runs
  • Apache Cassandra, Hadoop, CouchDB, Nginx, PFSense, OPNSense
  • Backend cloud computing/microservices via containerization, Kafka
  • System/infrastructure architecture, mod_security, AirWatch
May 2009 - Dec 2014
5 years 8 months

IT Engineer

Dell Inc. / Perfect Staff GmbH

  • vSphere v3.x – v5.x
  • WatchGuard firewall, network analysis
  • Windows Server/mail setup/repair (2008/R2/Exchange 2007/2017)
  • Fiber Channel setup/troubleshooting, 10GB network setup
  • Cisco firewall, SUSE Professional installation, Check Point firewall
  • Dell switches, Dell SAN (FC/iSCSI)
  • Dell/HP hardware (laptops/servers)
Apr 2009 - Apr 2009
1 month

IT Administrator

Frank-Confections GmbH

  • Configuration and Installation of Server 2003 with multiple Mac OS X clients
Jan 2009 - Present
17 years

Managing Director

Far Galaxy Networks

  • Leading and Managing internal projects using Scrum, Kanban, and Jira
  • Internal Wikis: DocuWiki, migration to xWiki
  • In-house Web, Exchange, and File Servers, Chocolatey, PowerShell
Oct 2008 - Mar 2009
6 months

System Administrator

IT-IS AG / Haak-Saheem GmbH

  • Windows Server Configuration, ISA Server Configuration
  • Installation and Configuration of RedHat Linux
Jan 2007 - Dec 2007
1 year

Network Support, System Administration

Level5 Media GmbH

  • Network Support, System Administration
  • FreeBSD Load Balancer, OpenBSD Firewall, Linux Load Balancing
  • Sendmail, BIND DNS, Apache, MySQL
  • HP Switches, Cisco Switches
  • Hardening and Securing BSD and Linux Systems
  • English Communication with Network Support Technicians in the Netherlands
Apr 2006 - Present
19 years 9 months

Linux Systems Administrator

Netextend GmbH

  • Debian Linux Systems
  • Nagios Monitoring
  • IDS with Snort or Astaro Firewall Appliance
Apr 2006 - Dec 2010
4 years 9 months
Austria

Linux Web Server Administrator

Flashlabs Österreich

  • Linux web server configuration and troubleshooting
Mar 2006 - Present
19 years 10 months

Network, Server & System Administration

4C Group AG

  • Network, client and server support
  • Windows 2003/2008/R2, Exchange 2003/2007, FreeBSD
  • Windows clients (Windows 7, XP, 2000, Vista)
  • Cisco PIX/ASA firewall, Catalyst switches, etc.
  • VMWare ESX (virtual infrastructure), Citrix Xenserver, Citrix Xen-App, Citrix VDI
  • Dell servers (2950, 2900, …), Dell PowerVault MD 3000i/3600i, Cisco ASA/PIX, MPLS network
  • Planning and testing phase and rollout of Windows XP, migration to Windows 7 client with special Centertools DriveLock encryption and security policy
  • Windows Server 2003/Exchange 2003 migration to Server 2008 (R2)/2012 R2/Exchange 2010/2013
  • SQL Server 2000 migration to SQL Server 2005/2008/2008 R2/2012/2014 and SQL Server 2008 R2
  • SharePoint 2010
  • PBX configuration (Astra system, Siemens, Asterisk)
  • DATEV (TS setup)
  • Active Directory migration from 2003 to 2008 (R2) and 2012
  • System Center Essentials 2010, then upgrade project from SCE 2010 to SCCM 2012 (distribution and packaging)
  • OpenStack evaluation using a test system (installation/configuration/optimization)
  • AWS cloud implementation/automation, Airwatch
  • Extreme/Enterasys switch network management, Netsight
  • JITSI/JIBRI
Mar 2006 - Present
19 years 10 months

Linux server configuration, client support

Performance Factory GmbH

  • Linux server configuration
  • Client support for Windows and Mac workstations
Mar 2006 - Mar 2008
2 years 1 month

Network & Server Support

Media Solutions GmbH

  • Network and server support
  • Windows 2003, Exchange 2003
  • ISA Server 2000 and 2006
  • VMWare Server (GSX Server)
  • Nagios monitoring, Webtrends 8/SDC
  • Apache, Linux (RedHat, Debian)
Mar 2006 - Mar 2006
1 month
Estonia

Linux Support

Kairosenterprises OÜ

  • Linux support
  • Bind nameserver configuration
  • Postfix mail server
Feb 2006 - Dec 2014
8 years 11 months
Munich, Germany

Network & Server Support, Project Management

Compleo AG

  • Network and server support
  • RedHat/CentOS Linux mail server and project management
Nov 2005 - Dec 2008
3 years 2 months
Frankfurt, Germany

SuSE Linux Support

Spieletips GmbH

  • SuSE Linux support
  • Nortel AD300/400 switches load-balancing setup
Sep 2005 - Dec 2011
6 years 4 months
Zürich, Switzerland

Gentoo Linux Server Support

E-Devinvent GmbH

  • Gentoo Linux server support
  • Juniper/Cisco/HP/Zyxel managed switches, Cisco ASA firewall
  • OpenBSD load-balancing setup with HAProxy, Nginx, Apache, Lighttpd, Bind
  • MySQL and PostgreSQL including cluster setup, iSCSI setups, NFS, failover management (SAN)
  • Dell Intel/HP/Ratitan hardware
  • OpenX configuration and setup
  • Xen hypervisor, VMware vSphere
  • OpenBSD PF firewall including CARP load-balancing and failover
  • PXE setup, DHCP, PFSense, Open
  • Encrypting tunnels, IPSec Free/Open and Strongswan
  • FreeBSD, KVM virtualization, IPv6 migration
  • CheckPoint firewall, DDoS protection
  • HP-UX and AIX systems
  • NetApp MetroCluster cDot and 7-Mode and EMC ISILON storage systems
  • Tomcat, JBoss, Jetty, Jenkins
  • Introducing Splunk into operations, MODSecurity
  • English communication with technicians and staff in the Netherlands
Nov 2004 - Jan 2005
3 months

Programmer and Administrator

Compusafe Data Systems AG

  • Programming and administration of heterogeneous networks
Mar 2004 - Present
21 years 10 months

Network, Client, Server Support

Rottmanns IT Services

  • Network, client, server support
  • Windows 2003/2008/R2, Exchange 2003/2007, FreeBSD
  • Windows clients (Windows 7, XP, 2000, Vista)
  • Cisco PIX/ASA firewall, Catalyst switches, etc.
  • VMware ESX (Virtual Infrastructure)
  • Dell servers (2950, 2900, …), Dell PowerVault MD 3000i
  • Cisco ASA/PIX, MPLS network
  • Planning/testing phase and rollout of Windows XP migration to Windows 7 clients with special Centertools DriveLock encryption and security policy
  • Windows Server 2003/Exchange 2003 migration to Server 2008(R2)/Exchange 2010
  • SQL Server 2000 migration to SQL Server 2005 and SQL Server 2008 R2
  • SharePoint 2010
  • Telephone system configuration (Astra system, Siemens, Asterisk)
  • DATEV (TS setup)
  • Active Directory migration from 2003 to 2008/R2 and 2012
  • Tomcat, JBoss, Jenkins
  • Exchange Cross-Forest migration (migration from an old defective domain - forest - to a newly created one by exporting and importing databases), adjusting Exchange settings regarding the domain's/forest's
Mar 2004 - Jan 2005
11 months

Programmer and Administrator

MKW GmbH

  • Programming and administration of a heterogeneous network
Feb 2001 - Sep 2004
3 years 8 months

System Server Support, IT Training Preparation

Prokoda Training und Services GmbH

  • Maintenance of system servers and preparation of IT training courses (Windows in all versions, Linux from version 6.4 to 8.2 Professional and Personal, additionally SuSE Linux Enterprise Server 7.0 to 8.0 and SuSE Open Exchange Server)
  • Specific preparation and upgrades of SuSE Linux installations
  • Extreme, Cisco, and HP managed switches
  • AD planning for training courses and preparing AD migration courses
  • AirWatch
  • Extreme and Enterasys switch network management with Netsight
Feb 2001 - Apr 2003
2 years 3 months

Heterogeneous Network Support

Belenus GmbH

  • Support of a heterogeneous network of Windows NT and FreeBSD machines
  • Administration of HP-UX and AIX systems
  • AD administration on Server 2003
Jan 2001 - Mar 2003
2 years 3 months

IT Consultant

Coromandel GmbH

  • Various assignments in heterogeneous networks for different clients (drug counseling, real estate agents, social institutions)
Sep 2000 - Dec 2002
2 years 4 months

Linux Administrator, PHP Programmer

Thinkconnection

  • Linux administration (Red Hat 6.3 to 7.2 and SuSE 6.4 to 7.3) for various clients (event agencies, law firms, tax consultants, investment advisors, German Ski Association)
  • Additional PHP programming on a client web interface for Thinkconnection and for various websites
  • Domino and Lotus Notes
Apr 1999 - Mar 2000
1 year

Perl/PHP Programmer, Linux Server Administrator

Mercateo AG

  • Perl, PHP Programming
  • Linux server administration (SuSE 6.4)
  • Apache log analysis

Summary

  • Installation, configuration, and administration of Windows Server in general, as well as all common Linux distributions and their servers (DNS, SQL, Apache, Tomcat, NginX, SeLinux, etc.)

  • Installation, configuration of MS software SharePoint, AD, PowerShell, Exchange

  • Virtualization, geo-redundancy, Nova, Cinder, OpenStack

  • Backups, recovery, data protection, and encryption

  • Network support, firewall (installation and configuration) and penetration testing, security analysis, Sophos Mobile Control

  • Cloud implementation. MySQL, MariaDB, PostgreSQL, MongoDB. Java, Eclipse, Maven, Git

  • Stress resistant

  • Meticulous

  • Analytical

Languages

German
Native
English
Advanced

Education

Oct 1999 - Jun 2004

Fern University in Hagen

Diploma in Computer Science · Computer Science · Hagen, Germany

Certifications & licenses

LPIC-2

SÜ2

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Frank E.

DevOps

View Profile
Ales L.

Senior DevOps Consultant (Freelance)

View Profile
Jürgen K.

Cloud & IT Service Management with Azure & ServiceNow (freelance)

View Profile
Alexander W.

Senior IT Consultant

View Profile
Tezcan D.

Solution Architect / Project Manager

View Profile
Bernhard B.

Senior Security Architect - Technical Consultant - Project Manager - Network Engineer

View Profile
Alagi M.

Project Manager & IT Security Architect Logging & Monitoring for QRadar & Splunk, ISO 27001

View Profile
Reza S.

SRE Engineer

View Profile
Jürgen F.

AR/VR/XR Architect

View Profile
Leif S.

Freelance IT Consultant and Software Architect

View Profile
Konstantinos M.

IT System Engineer / Senior Service Desk Consultant

View Profile
Pierre G.

Senior Consultant in Cloud Computing, IT Security, IT Compliance, and Automation Architect

View Profile
Kai H.

Backend Python Engineer

View Profile
Martin G.

Member of the Product Management and Product Owner Team for Private Cloud Platform

View Profile
Christian F.

Architecture Management

View Profile
fratch Part of Bitkom logo
linkedIncrunchbaseyoutube
  • English
  • Deutsch

2025 © FRATCH.IO GmbH. All rights reserved.