Go to Website
  • en
  • de

Sebastian F.

Managing Director

Munich, Germany

Experience

Apr 2024 - Dec 2024
9 months

System Administration & DevOps

F-I-TS

  • Windows application migration
  • Windows Server 2022/2025, DHCP, Active Directory trust and reconfiguration, GPO management
  • Cloud service automation
  • Firewall/network management, debugging
Jan 2024 - Oct 2024
10 months

DevOps Engineer & Solutions Architect

SAB (Sächsische Aufbau Bank)

  • Linux application and OS operation (RedHat/Jenkins/JIRA/Bitbucket/Nexus/SonarQube)
  • Kubernetes support on a Kubeadm basis and OpenShift
  • Database support (PostgreSQL/Oracle)
  • Linux administration: OpenShift, Kubeadm, Docker, Docker Compose, Podman, containerization, Jenkins, Bitbucket, Jira, Confluence, GitLab, Nexus
Aug 2023 - Present
2 years 2 months

DevOps Engineer

Hessische Zentrale für Datenverarbeitung (HZD)

  • Rancher, RKE2, Elastic Stack, Longhorn, HashiCorp Vault, GitLab, GitLab Runner, GitLab Pipelines, GitLab API, Kyverno, OpenShift, Terraform, Ansible, shell scripting, Python scripting
  • Network management, software-defined networking
  • ITSM Remedy, VMware vCenter
Aug 2023 - Jan 2024
6 months

Linux / DevOps Engineer

Infineon Technologies AG

  • Windows/Linux Docker (container) build, CLI tools, OpenShift
  • Linux kernel/driver compilation
  • Automation for container integration
  • Horizon VDI automation
  • Tekton
Feb 2023 - Aug 2023
7 months

DevOps Engineer & Solutions Architect

Blacknet

  • Operation of OpenStack and Kubernetes platform
  • Platforms/tools used: Ceph Storage, OpenStack Zed/Antelope, Kubernetes K3s and RKE2, ELK Stack, Nextcloud, ownCloud oCIS, GitLab (Community/EE)
Jan 2023 - Oct 2023
10 months

Security Architect / Engineer

Bundes-Cloud Access Management

  • PAM procedures and requirements management
  • Cloud-native PAM
  • Identity and Access Management (IAM)
Jan 2023 - Oct 2023
10 months

Network / DevOps Engineer

LBBW

  • Azure Cloud Networking, Azure CLI
  • IPSEC tunneling, tunnel encryption
  • Fortinet Fortigate and Checkpoint firewall, FortiAnalyzer and FortiManager
Jan 2023 - Jun 2023
6 months

Network / DevOps Engineer

ITSG

  • Support for HashiCorp Vault and OpenShift topics, Layer 7 ingress routing
  • Process automation with Ansible/GitLab/Terraform
  • Pod Security Admission
  • Network policies
  • Software-defined networking (Cisco ACI and VMware NSX)
  • mTLS with mutual authentication
  • Kubernetes multi-cluster solutions, Operator Framework
Oct 2022 - Feb 2024
1 year 5 months

DevOps Engineer & Solutions Architect

BG Phoenics

  • Ansible deployment, creation of Ansible scripts
  • Installation and maintenance of AWX (Ansible Tower OSS)
  • Deployment of automated K3S Kubernetes services with Jenkins, Terraform, Ansible, Git (Bitbucket)
Jul 2022 - Sep 2023
1 year 3 months

Network / DevOps Engineer

FashionDigital/Peek-Cloppenburg

  • Google Cloud Platform, VMware vSphere 6.7 / 8.0
  • Migration of on-prem VMware environment to GCP VMware Hosted
  • Migration with VMware HCX
  • Network management with VMware NSX and NSX-T
  • Windows application migrations
  • Terraform builds on GCP, GitHub
Jul 2022 - Dec 2022
6 months

DevOps Engineer / Architect

Infineon Technologies AG

  • Defined, implemented and set up a deliverable Linux software development environment for fast start-up and system harmonization for all users (e.g. virtualization, containerization)
  • Automated and managed host types to apply defined configurations and orchestrations (Ansible, API, ...)
  • Analyzed several market options for software development virtualization (VirtualBox, Vagrant, etc.) in terms of functionality, maintenance and performance
  • Selected and implemented client base images
  • Implemented and documented procedures to define self-managed IT base client images
  • Defined an IT standard service for software teams to scale their Linux regression farms, including all connections to VM/VDI requests and management
  • Set up a VM refresh triggered by the user/CI for Windows clients, including support for Windows Docker, WSL2
Feb 2022 - Apr 2022
3 months

DevOps Engineer

DB Cargo

  • Migrated OpenShift application deployment from version 4.3 to 4.9
Jan 2022 - Jun 2022
6 months

DevSecOps Engineer

CompuGroup Medical

  • Implemented a service mesh with Istio
  • Set up an ELK stack with security (SSL/TLS) to provide secured Elasticsearch and new APM functionality
  • Deployed ELK stack on Kubernetes
  • Configuration maps, ArgoCD deployment, demo deployment
  • Implemented and demonstrated HashiCorp Vault
  • Designed and built development systems using Helm charts
Nov 2021 - Feb 2022
4 months

DevOps Engineer

1&1 / IONOS

  • Proxmox virtualization, Debian Linux, CLI tools, Ceph, Ansible automation
  • Tekton
Feb 2021 - Sep 2021
8 months

DevOps Engineer + Architect

NordLB

  • Kubernetes architecture, Layer 7 ingress routing
  • Automated CI/CD, GitLab, GitHub
  • Implemented HashiCorp Vault with Kubernetes External Secrets
  • IT security mitigation in Kubernetes setup
  • Azure architecture, Azure cloud migration to on-premises Kubernetes
  • Gardener
  • Pod Security Admission, Kyverno
  • CLI tools
Feb 2021 - Jun 2021
5 months

Network & Linux System Engineer

Unbelievable Machine

  • Juniper SRX and Juniper switches
  • GitOps with ArgoCD, Harbor, Kafka
  • Fortinet FortiGate firewall management and configuration
  • FortiAnalyzer and FortiManager
Nov 2020 - Aug 2021
10 months

DevOps Engineer

DTAG (Deutsche Telekom)

  • Implementing CI/CD pipelines, Ansible, AWX/Ansible Tower, CLI tools, GitLab CI/CD, Jenkins/BlueOcean, Docker, Docker Compose
  • Kubernetes RKE setup
  • Deployment automation with Ansible/Helm, AWX/Ansible Tower
  • Creating and updating solution and service concepts according to the Service Development Framework (SEF and EPDF)
  • Collaborating on aligning, documenting, and approving solution and service concepts with operations teams and their service architects
  • Contributing to defining a solution approach and a service boundary
  • Involved in defining and performing solution tests, as well as preparing for solution deployments and migrations when needed
  • Participating in defining and executing service RFCs until the service is accepted as Ready4Service
  • Database design
Sep 2020 - Jul 2022
1 year 11 months

DevSecOps Engineer

Allianz Technology, PKI

  • ACME2 service and HashiCorp Vault plugin development and implementation
  • HashiCorp Vault cloud management and automation
  • ServiceNow, CMDB
  • DogTag PKI, Boulder CA, Go development, Kubernetes/Rancher, Docker, Docker Compose, architecture
  • Collaborating on aligning, documenting, and approving solution and service concepts with operations teams and their service architects
  • Contributing to defining a solution approach and a service boundary
  • Involved in defining and performing solution tests, as well as preparing for solution deployments and migrations when needed
  • Participating in defining and executing service RFCs until the service is accepted as Ready4Service
  • xWiki, database design, CMDB
May 2020 - Sep 2020
5 months

Network / System Architect

IBM ePA

  • System architecture, network management, project organization, IT security
  • Keycloak, multi-cluster Kubernetes / IBM Cloud, CLI tools, Puppet, Layer7 ingress routing, Operator framework
  • Pod Security Admission
  • Juniper SRX firewall, network policies and IKS (IBM Kubernetes Service) cluster management and IT security/infrastructure architecture
  • HCI, SDDC, vSAN, NSX
  • Software-defined networking (Cisco ACI and VMware NSX)
  • mTLS with mutual authentication
  • Harbor, Git, GitOps with ArgoCD
  • IBM Rational Synergy
  • JSON, YAML
  • Setting up, maintaining, and running CI/CD and continuous deployment pipelines for Java
  • Shell, Python, and Perl programming
  • Proxmox, CMDB
  • Package managers: apt, yum, zypper
  • Identity and access management (IAM)
Mar 2020 - Nov 2020
9 months

Network Engineer + SRE Engineer

Verivox

  • Fortinet FortiGate administration/configuration, FortiAnalyzer, FortiManager, and F5 load balancer
  • HashiCorp Vault
  • SDN-based network management
  • Logstash / Kibana
  • Google Cloud
Feb 2020 - Apr 2023
3 years 3 months

System & Network Administrator & Solutions Architect

Precigen Bioinformatics Germany GmbH (PBG)

  • Elastic Search, Windows system administration, system infrastructure and architecture
  • Network management, IT security, IDS/IPS
  • Linux, Tomcat system administration
  • Docker, Docker containers, Kubernetes, Ansible, OpenShift
  • NetAPP MetroCluster cDot and 7-Mode and EMC ISILON storage systems
  • Linux engineer, RHEL, 2nd/3rd level support
  • HCI, SDDC, vSAN, NSX
  • PAM procedures and requirements management, cloud-native PAM
  • Proxmox, Citrix XenServer, Citrix XenApp, Citrix VDI
  • Checkpoint, JITSI/JIBRI, xWiki
  • Database design
  • Firefox configuration via policies, deployment automation and SCCM distribution
  • VMware NSX / software-defined networking skills
  • TrendMicro DeepSecurity: maintenance, updates, installation, configuration and support tickets including handling VMware NSX topics
  • HashiCorp Vault
  • Harbor, Git, GitOps with ArgoCD
  • Setup, maintenance, operation of CI/CD and continuous deployment pipeline for Java
  • Java programming, XML, CMDB
  • Sonatype Nexus, SonarQube
  • PHP and JavaScript programming
  • Package managers: apt, yum, zipper, CLI tools
Dec 2019 - Mar 2020
4 months

Network & Security Engineer

Vermop Salmon GmbH

  • NetAPP MetroCluster cDot and 7-Mode
  • Network management, planning, configuration and documentation of designs with CISCO and NetExtreme switches/APs and firewalls
  • Management of CISCO ASA, CISCO NG firewalls and Checkpoint hardware
  • CISCO SD network management (ACI)
Sep 2019 - Nov 2019
3 months

Cloud & DevOps Engineer

Donner und Reuschel

  • Zscaler integration / Azure cloud migration, Azure cloud on premise
  • McAfee WebGateway, Checkpoint
Jul 2019 - Dec 2020
1 year 6 months

System & Security Administrator

STEP

  • Server support, network management
  • Administration of Server 2012(R2) / Exchange 2010 / Hyper-V 2012R2 (failover cluster)
  • PowerShell, SCCM
  • SonicWall firewall NSA 220
  • Security monitoring (penetration testing)
  • Server monitoring based on Zabbix
  • Active Directory planning, design and implementation
  • System infrastructure and architecture
  • OS patching
May 2019 - Mar 2023
3 years 11 months

DevOps Engineer & Solutions Architect

DB Netz AG

  • Ansible, Ansible Tower
  • Load balancers (loadbalancer.org, HAProxy, Nginx, routed)
  • Kubernetes multi-cluster solutions, Puppet, Operator Framework
  • JSON, YAML
May 2019 - Oct 2019
6 months

DevOps Engineer + Linux System Engineer

Robert Bosch

  • Kubernetes services, Layer7 Ingress routing
  • Jenkins, Docker, CI/CD pipeline, Ansible, architecture
  • OpenShift
  • Virtualization, Linux architecture and engineering, RHEL, CLI tools
May 2019 - Sep 2019
5 months

Security Architect & DevOps Engineer

Airplus Servicekarten GmbH

  • Microsoft Azure cloud implementations, Azure architecture, migration from on-premise to Azure cloud, Azure CLI, AKS (Azure Kubernetes Service)
  • PKI (Istio, EJBCA, Microsoft PKI), PCI compliance, documentation
  • Jenkins implementation, Terraform, Terraform Azure, IT security consulting
  • Fortinet, HashiCorp Vault
  • Monitoring with Prometheus / CheckMK, Logstash / Kibana
  • System infrastructure and architecture
  • Linux engineer, CLI tools, RHEL, 2nd/3rd level support
  • McAfee Web Gateway
Mar 2019 - Present
6 years 7 months

DevOps Engineer & Solutions Architect / Architect

ITZBund

  • Build, maintenance, and operation of CI/CD and continuous deployment pipelines
  • CLI tools, Java, Jenkins
  • Kubernetes multi-cluster management with ICP (IBM) and OCP (Red Hat), Gardener, Layer7 Ingress routing
  • Docker, Docker containers, Puppet, OpenShift
  • Automation of processes with zOperator Framework
  • Apache Maven
  • Azure architecture, on-premise Azure cloud
  • PAM procedures and requirements management, cloud-native PAM
  • Creation of Helm charts and repository management (Helm charts / container images) with Harbor
  • Atlassian JIRA/Confluence, Git, GitOps implementation with Argo CD
  • Tekton
  • Java and JavaScript programming, XML, JSON, YAML, Groovy scripting
  • Kyverno
  • Sonatype Nexus, SonarQube, Trivy
  • BSI IT baseline protection
  • Identity and Access Management (IAM)
  • Geo-redundancy
  • Logstash / Kibana
  • Linux engineer, RHEL, 2nd/3rd level support
  • Database design
  • Network policies
Oct 2018 - Feb 2020
1 year 5 months

SysAdmin & DevOps Engineer & Solutions Architect

Intrexon Biotechnology Germany GmbH (IBG)

  • CMDB, Elasticsearch
  • System administration, system infrastructure, and architecture
  • Network management, IT security
  • Linux system administration, Linux engineer, RHEL, packaging Debian packages
  • Windows and Apple Mac administration
  • VoIP with FusionPBX and Asterisk
  • Firewall administration based on pfSense
  • Debugging and customizing Active Directory configuration, PowerShell
  • Migration of AD to Server 2008 R2, connecting Mac/Windows/Linux clients to AD 2008 R2
  • Connecting / installing / configuring LDAP based on OpenLDAP
  • Firefox configuration via policies, deployment automation and SCCM distribution
  • Penetration testing
  • NetApp MetroCluster cDot and 7-Mode, and EMC Isilon storage systems
  • Security review and network hardening, data protection compliance audit
  • Implementation of a Windows-based PKI on Server 2008 R2
  • JBoss, GlassFish, Jenkins, Tomcat
  • KVM-based virtualization
  • Test runs with IBM Tivoli Identity Management (ITIM), Dell/Quest Identity and Access Management (IAM), ForgeRock OpenIDM/OpenDJ
  • Docker implementation for software encapsulation
  • Nova, Cinder, OpenStack / cloud implementation, Azure cloud, Azure architecture
  • On-premise migration to AWS
  • Chef server deployment implementation
  • Puppet environment, Ansible and script-based automation
  • PAM procedures and requirements management, cloud-native PAM, CLI tools
  • Security review and network hardening, penetration testing, IDS/IPS, Metasploit / Wireshark / OpenVAS, DefectDojo, Docker implementation
  • Monitoring with Zabbix / ELK stack / Prometheus
  • 2nd / 3rd level support, Cisco SD network management (ACI)
  • HCI, SDDC, vSAN, NSX
  • Database design
  • VMware NSX / software-defined networking skills
  • Trend Micro Deep Security: maintenance, updates, installation, configuration and support tickets including VMware NSX topics
  • PHP programming
  • Package managers: apt, yum, Zypper
May 2018 - Nov 2018
7 months

DevOps Engineer

Automotive BMW

  • Ansible, OpenShift, Nova, Cinder, OpenStack, REST API
  • Shell and Python programming, automation and Elasticsearch
  • ForgeRock stack: OpenIDM / OpenAM / LDAP
  • Database design
Mar 2018 - Jul 2018
5 months

Storage Engineer

Bausparkasse Schwäbisch Hall

  • Adjusting Icinga and Icinga plugins for Hitachi Storage
  • NetApp MetroCluster cDot and 7-Mode and EMC Isilon storage systems
Jan 2018 - Jun 2018
6 months

Network & DevOps Engineer

ITZ Bund

  • OpenShift deployment, Kubernetes
  • Backend cloud computing / microservices via containerization
  • JSON, YAML
  • Nova, Cinder, OpenStack, vCenter/KVM virtualization
  • Ansible automation, CLI tools, Docker, Docker containers
  • Helm, Harbor, GitOps with ArgoCD, Atlassian Jira
  • Linux support, networking
  • Prometheus/Zabbix monitoring, F5 load balancer configuration
  • Elasticsearch
  • AppSene DesktopNow Plus, Ivanti Workspace Manager
  • PAM procedures and requirement management, cloud-native PAM
  • Tekton
  • Linux engineer, RHEL, 2nd/3rd level support, CISCO SDNetwork Management (ACI)
  • Logstash / Kibana
  • BSI basic protection
  • Identity and Access Management (IAM)
Oct 2017 - Oct 2017
1 month

Network & DevOps / Server Engineer

Cataneo GmbH

  • Cisco ASA firewall, Puppet, Tomcat, Apache, Apache Maven
  • Proxmox KVM virtualization, Linux CentOS
  • AWS cloud implementation/automation
  • JSON, YAML
Sep 2017 - Aug 2018
1 year

DevOps Engineer

VW: Data Science

  • Platform migration to the Open Telekom Cloud
  • System and IT security architecture, planning, customization, and concept for implementation
  • Creation of architecture documentation according to TOGAF
  • Development and update of solution and service concepts according to the Service Development Framework (SEF and EPDF)
Jun 2017 - May 2018
1 year

DevOps & System Administration

Deutsche Post

  • Cassandra and MySQL configuration and performance optimizations in a cloud environment
  • Puppet, Elasticsearch
  • Monitoring analysis for oversight with Grafana and Graylog
  • JSON, YAML
Jun 2017 - Jun 2017
1 month
Munich, Germany

Network & System Administration & Solutions Architect

4C München

  • Attended a four-week Baramundi training
  • Supported Baramundi Application, Deployment / Patch Management project
  • McAfee Webgateway, Checkpoint
  • AWS cloud implementation / automation
  • Citrix XenServer, Citrix XenApp, Citrix VDI
  • Zscaler configuration and SCCM
  • Firefox configuration using policies, deployment automation and SCCM distribution
  • AirWatch
  • Extreme / Enterasys switch network management, NetSight
  • Cognos BI and Cognos Analytics administration
  • Jitsi / Jibri
  • VMware NSX / software-defined networking
Jan 2017 - Jun 2018
1 year 6 months

Network & DevOps Engineer

ITDZ Berlin

  • OpenShift deployment, Kubernetes multi-cluster, Operator Framework
  • Backend cloud computing / microservices via containerization
  • Nova, Cinder, OpenStack, vCenter/KVM virtualization
  • Ansible automation, Docker, Docker containers
  • Helm, Harbor, GitOps with ArgoCD, Atlassian Jira, Logstash / Kibana
  • Linux support, networking, software-defined networking (e.g. Cisco ACI Fabric)
  • Prometheus / Zabbix monitoring, F5 load balancer configuration
  • Elastic Search
  • AppSene DesktopNow Plus, Ivanti Workspace Manager
  • Linux engineering, CLI tools, RHEL, 2nd / 3rd level support, Cisco SDN management (ACI)
  • Database design, Keycloak
  • JSON, Yaml
Dec 2016 - Dec 2016
1 month

Network, Security & Solutions Architect

InterWorXs GmbH

  • Network and server support, DDoS protection
  • Linux / Unix, CLI tools, FreeBSD
  • Cisco ASA, Catalyst switches, NAS / iSCSI storage
  • OpenX administration and performance tuning
  • NetApp MetroCluster cDot and 7-Mode and EMC Isilon storage systems
  • Sophos UTM, Sophos Mobile Control
  • Security hardening on Linux and kernel level
  • Customization and compiling of the Linux kernel
  • JBoss, Apache, Apache Maven
  • English communication with developers from India and Pakistan
  • KVM-based virtualization, Nova, Cinder, OpenStack installation / management
  • Docker implementation for software solutions
  • Chef server implementation, building a private cloud
  • Research and testing with AWS regarding service outsourcing (modularity / flexibility / cost)
  • Splunk implementation / trials
  • Checkpoint firewall configuration and automation, Kafka
  • System / infrastructure architecture, ModSecurity
  • Jitsi / Jibri, AirWatch
  • Zabbix monitoring and Icinga
  • Linux engineering, RHEL, 2nd / 3rd level support
Jun 2016 - Apr 2017
11 months

DevOps & Linux Engineer

IBM / Talanx

  • Working based on ITIL
  • RedHat Enterprise Linux 6.x / 7.x (RHEL), RedHat IdM
  • Commvault, Git (GitLab), CLI tools, Harbor, IBM Rational Synergy, CMDB, RES Automator, SCCD / Maximo
  • Bash / Perl / Python / Jython programming, JSON
  • Puppet, Jenkins, Chef server infrastructure, Ruby / Chef cookbook development
  • VCO (VMware Orchestrator), vRealize deployment / automation
  • HCI, SDDC, vSAN, NSX
  • Nova, Cinder, OpenStack development / implementation
  • Checkpoint firewall configuration and automation
  • System / infrastructure architecture
  • Zscaler configuration
  • Zabbix monitoring
  • 2nd / 3rd level support
  • Domino and Lotus Notes
  • Shell, Python and Perl programming, GitOps with ArgoCD
  • Building, maintaining, operating CI/CD and continuous deployment pipeline for Java
  • Package manager: apt, yum, zipper
Jan 2016 - Oct 2016
10 months

System & Security Admin

Barmherzige Brüder Reichenbach

  • Firewall and IT security consulting/support for Juniper SRX firewall
  • Connecting Reichenbach to various other sites of the Barmherzige Brüder with different hardware (Sophos UTM, Sophos Mobile Control, Checkpoint firewall, Palo Alto firewall, WatchGuard, various L3 routers – HP, Cisco, etc.)
  • Troubleshooting and setup of Skype-for-Business configuration and hardening
Mar 2015 - Apr 2019
4 years 2 months

DevOps & Network Engineer & Service Offering Manager

IBM / Allianz

  • System / infrastructure architecture
  • SOM (Service Offering Manager), team leader, software tester
  • Work with Remedy and SM7 as ticketing systems, following ITIL processes
  • Linux engineer, CLI tools, RedHat IdM, RedHat Enterprise Linux (RHEL)
  • JBoss5/6, Apache 2.4, Maven
  • Commvault, shell and Python programming, Git, Subversion, Helm, Harbor, GitOps with ArgoCD
  • IBM Rational Synergy, CMDB
  • RedHat JON Manager / server / client, JBoss/Apache development
  • Puppet, Jenkins, Terraform, RES automation
  • AppSene DesktopNow Plus, Ivanti DSM, Workspace Manager, SCCD/Maximo, JBoss-Manager, MRPX
  • Apache, Apache Maven
  • vFiler/NetApp and EMC ISILON storage systems
  • Bash/Perl/Python/Jython programming, JSON
  • IBM Tivoli Monitoring (ITM) / Bluecare and IBM Tivoli Identity Management (ITIM)
  • Citrix Xenserver, Citrix Xen App, Citrix VDI
  • VCO (VMWare Orchestrator), vRealize deployment/automation
  • Nova, Cinder, OpenStack development, Jenkins, Chef server development
  • AWS cloud implementation/automation, AWS pattern architecture
  • Backend Cloud Computing / Microservices via Containerization
  • Software-defined networking (CISCO ACI and VMWare NSX)
  • Fortinet Fortigate, FortiAnalyzer, FortiManager, Checkpoint firewall configuration and automation
  • Shell, Python, PHP and Perl programming
  • Netscaler configuration, Elastic Search
  • NetApp Metro Cluster cDot and 7-Mode, Airwatch
  • 2nd/3rd Level Support
  • Domino and Lotus Notes
  • HCI, SDDC, vSAN, NSX, xWiki
  • Hashicorp Vault, Keycloak
  • Setup, maintenance, operation of Java CI/CD and continuous deployment pipeline
  • Package Manager: apt, yum, zipper
  • Identity and Access Management (IAM)
Mar 2014 - Jul 2019
5 years 5 months

Network & System Admin

Gruppe Nymphenburg Team Schuster GmbH

  • Server support, network management
  • Administration of Server 2012(R2) / Exchange 2010 / Hyper-V 2012R2 (failover cluster)
  • Powershell, SCCM
  • SonicWall Firewall NSA 220
  • Security monitoring (penetration testing)
  • Server monitoring based on Zabbix
  • Active Directory planning / design and implementation
  • System architecture and infrastructure
Mar 2014 - Dec 2014
10 months

System Administrator

Merkur / TZ

  • Implementation and installation of Linux based on CentOS/RedHat
  • Integration of Linux and LDAP via PAM interface
  • Setup of GIT version control system and GitLab
  • Implementation and setup of a mail gateway appliance based on Postfix/AMAVIS/SpamAssassin (used elements: ClamAV, AVG, Procmail, CBPolicyd, Amavis, SpamAssassin, various blacklists), including test runs and replacement of the old system
  • LVM management, DNS (Bind), DHCP, Apache/Nginx
  • Configuration of Solaris systems
  • Jenkins, JBoss, Tomcat, Icinga / Nagios management / configuration
  • Docker installation / setup / management
  • IBM Tivoli Identity Management (ITIM)
Oct 2013 - Oct 2018
5 years 1 month

Infrastructure & DevOps Engineer & Solutions Architect

Genomatix GmbH/AG

  • System/infrastructure architecture, Elastic Search, Talend, system administration
  • Network management, IT security
  • Linux system administration, Linux engineer, RedHat IdM, RHEL packaging, Debian packages, CLI tools
  • Windows and Apple Mac administration
  • VoIP with FusionPBX and Asterisk
  • Firewall administration based on PFSense
  • Debugging and adjustment of Active Directory configuration
  • Migration of AD to Server 2008 R2, integration of Mac / Windows (Chocolatey) / Linux clients to AD 2008 R2
  • Integration / installation / configuration of LDAP based on OpenLDAP
  • Powershell, SCCM
  • Firefox configuration via policies, deployment automation and SCCM distribution
  • Penetration testing
  • NetApp Metro Cluster cDot and 7-Mode and EMC ISILON storage systems
  • Security review and network hardening, data protection compliance review
  • Implementation of a Windows-based PKI on Server 2008 R2
  • JBoss, Glassfish, Jenkins, Tomcat
  • Virtualization based on KVM
  • Test runs with IBM Tivoli Identity Management (ITIM), Dell/Quest Identity and Access Management (IAM), ForgeRock OpenIDM/OpenDJ
  • Docker implementation for software encapsulation
  • Nova, Cinder, OpenStack/Azure cloud implementation and deployment, Kubernetes
  • Azure cloud, on-premise migration to AWS
  • Chef server deployment implementation
  • Puppet environment
  • Monitoring with Zabbix / Icinga / ELK Stack
  • Ansible and script-based automation
  • Security review and network hardening, penetration testing, IDS/IPS, Metasploit / Wireshark / OpenVAS, DefectDojo
  • Docker implementation, Docker containers, OpenShift
  • MOD Security, Airwatch
  • 2nd/3rd Level Support
  • HCI, SDDC, vSAN, NSX
  • JITSI/JIBRI
  • TrendMicro DeepSecurity: maintenance, updates, installation, configuration, and support tickets including handling VMWare NSX topics
  • Atlassian JIRA / Confluence
  • Hashicorp Vault
  • Setup, maintenance, operation of Java CI/CD and continuous deployment pipeline
  • Sonatype Nexus, Sonarqube, XML, CMDB
  • Package Manager: apt, yum, zipper
Oct 2013 - Feb 2014
5 months

System Administrator

Leiter & Cie GmbH

  • Implementation of an LDAP infrastructure based on OpenDC
  • Integration of LDAP into web servers, firewall hardware, and various web applications
  • OpenDJ, Splunk evaluation
Apr 2013 - Sep 2023
10 years 6 months
Munich, Germany

System/Network/Security Engineer

Hospital of the Merciful Brothers (KBBM)

  • Implementation or migration of Astaro Firewall from Symantec Enterprise Firewall V8.0
  • Network, server and user support, network infrastructure based on fiber connection
  • Security analysis, penetration testing, Linux kernel and system hardening, troubleshooting
  • Citrix XenServer, Citrix XenApp, Citrix VDI
  • Active Directory and Exchange integration issues (clean-up), upgrading Active Directory from 2003 to 2008R2, migrating Exchange from 2003 to 2010
  • Migration of Astaro FW Gatedefender 425 to Sophos UTM 425, Sophos Mobile Control
  • Penetration testing and security analysis using Metasploit, Wireshark, OpenVAS, Nessus and various tools, including custom Python programming and scripts
  • JBoss, Tomcat, Jetty, Jenkins, WebSphere, Splunk
  • Familiarization regarding service takeover
  • System/infrastructure architecture
  • Netscaler configuration, AirWatch
  • Extreme/Enterasys switch network management, NetSight
  • HCI, SDDC, vSAN, NSX
  • VMware NSX / software-defined networking knowledge
  • Trend Micro Deep Security: maintenance, updates, installation, configuration and support ticket handling, including VMware NSX topics
Oct 2012 - Apr 2017
4 years 7 months

SysAdmin & Security Engineer

German Society for International Cooperation GmbH (GIZ)

  • SonicWall configuration, setting up VPNs, creating gateways, server configuration
  • Tunnel encryption
  • Linux system replication (HA)
  • Design and configuration of LDAP infrastructure and authentication / firewall integration
  • Implementation of a PKI based on EJBCA as root CA system and Windows (2008R2, 2012/R2) as subordinate CA
  • Deployment of PKI certificates across the company infrastructure in the required branches
  • Evaluation of IBM Tivoli Identity Management (ITIM) and Dell/Quest Identity and Access Management (IAM)
  • Docker implementation for Java in-house development for SMS broadcast distribution
  • Splunk deployment (customization, configuration)
  • Java and JavaScript programming, XML
Sep 2012 - Sep 2012
1 month
Dubai, United Arab Emirates

Lecturer

German Society for International Cooperation GmbH (GIZ)

  • Conducting a training/orientation workshop (SonicWall N240)
Jun 2012 - Jun 2012
1 month

Network & Security Admin

IC Consult GmbH

  • Juniper firewall and VPN appliance SA 700
  • Windows Server environment
  • Linux (Debian, CentOS, Red Hat, Ubuntu, SELinux), Solaris (Sun Blade)
  • Cisco ASA 5501, Astaro Firewall SG240
  • Atlassian Jira/Confluence, OpenVPN
  • SSL certificate creation and CA management, tunnel encryption
  • DATEV (TS setup)
  • PKI on EJBCA and Windows certificate authorities based on Windows 2008R2 and 2012/R2
  • Kernel modifications, compiling and hardening the kernel, configuring kernel-based auditing functions
  • Upgrading Active Directory structure to Server 2008R2 / 2012, Group Policy configuration based on 2012 AD
  • Implementation of LDAP based on OpenDC and OpenLDAP
  • Penetration testing and security analysis with Metasploit, Wireshark, OpenVAS, Nessus and many other tools, including custom Python scripts
  • IBM Tivoli Identity Management (ITIM), Dell/Quest Identity and Access Management (IAM), ForgeRock OpenIDM/OpenDJ
  • Nova, Cinder, OpenStack implementation, outsourcing support for Azure Cloud
  • Zscaler configuration
Apr 2012 - Apr 2013
1 year 1 month

SysAdmin & Programmer

Bücher.de

  • Bash/PHP programming, scripting
  • Webserver, MySQL and Oracle administration
Apr 2012 - Apr 2012
1 month

System & DevOps Engineer

Society for Patient Assistance

  • Creation of RPM packages, compatibility testing
  • Server and system maintenance from Linux CentOS 5.8 to CentOS 6
  • Creation of a CentOS 6 template base machine
  • Creation of a new ICINGA instance based on V1.11.0 from originally 1.0.x
  • Configuration of Astaro firewall (site-to-site VPN, routing, mail security, firewall rules, NAT)
  • Kernel compilation, system and kernel hardening, compiling and adjusting drivers
  • Programming and creation of Bash, Perl, Python scripts
  • SVN implementation with AD integration
  • Installation/maintenance of Subversion / Icinga / Apache / Postfix / vCenter (vSphere)
  • Configuration and implementation of Subversion with LDAP authentication
  • Icinga/Nagios installation/configuration/management
  • JBoss, Websphere
  • Implementation of Chef server and Puppet environment comparison, deployment of Chef server environment
Apr 2012 - Apr 2012
1 month

Project Consultant

Sebastian Fohler

  • Installation of automated DNS server on Linux basis (Debian)
  • Recovery of dedicated Windows Server 2008 R2 (SVN, JIRA, Fisheye, MSSQL, MySQL)
  • Setting up new system and backup
Oct 2011 - Apr 2012
7 months

Project Consultant

Sebastian Fohler

  • Rollout of Windows 7 and full disk encryption using DriveLock
Apr 2011 - Dec 2016
5 years 9 months

SysAdmin & Linux Engineer

Perfect Staff GmbH

  • Setup of HA storage based on SLES 10 with Heartbeat
  • Compilation of Linux drivers and adjustment of the base kernel
Apr 2011 - Sep 2011
6 months
Munich, Germany

Infrastructure & Network Engineer

Hospital of the Merciful Brothers (KBBM)

  • Astaro firewall implementation or migration from Symantec Enterprise Firewall V8.0
  • Network, server, and user support, network infrastructure based on fiber connectivity
  • Security analysis, penetration testing, IDS/IPS, Linux kernel and system hardening, troubleshooting
  • Citrix XenServer, Citrix XenApp, Citrix VDI
  • Active Directory and Exchange integration errors (clean-up), PowerShell
  • Upgrading Active Directory from 2003 to 2008R2, migrating Exchange from 2003 to 2010
  • Migration of Astaro FW GateDefender 425 to Sophos UTM 425, Sophos Mobile Control
  • Penetration testing and security analysis with Metasploit / Wireshark / OpenVAS / Nessus and many other tools and custom Python programming and scripts
  • JBoss, Tomcat, Jetty, Jenkins, WebSphere, Splunk
  • Onboarding regarding service takeover
  • System and infrastructure architecture
  • Netscaler configuration, AirWatch
  • Extreme/Enterasys switch network management, NetSight
  • HCI, SDDC, vSAN, NSX
  • VMware NSX/software-defined networking knowledge
  • TrendMicro Deep Security: maintenance, updates, installation, configuration, and support tickets including handling VMware NSX topics
Jan 2011 - Sep 2011
9 months

Project Consultant

Sebastian Fohler

  • Concept for a Windows 7 client (Office 2010)
  • Preparation for deployment in conjunction with MS WDS/MDT and DriveLock
Oct 2010 - Dec 2014
4 years 3 months
Munich, Germany

System Administration

Ximantix GmbH

  • Windows Server 2003/2008/R2, Windows 7/XP clients
  • Hyper-V virtualization
  • 2010 ISA Server 2006
  • Active Directory design and setup
  • JBoss management
Sep 2010 - Jun 2021
10 years 10 months

Network & System Administration

Nick Hartmann Consultants GmbH & Co. KG

  • Network and server support
  • Cisco ASA, Windows Server 2008, Exchange 2007, HP switches
  • Windows Server 2008/R2, Windows 7/Vista/XP clients, Exchange 2007, SCCM, PowerShell
  • Firefox configuration via policies, deployment automation and SCCM distribution, Chocolatey
  • PowerShell, Cisco ASA, Panda Antivirus, Trend Micro Antivirus
  • VMware Server/ESXi, Hyper-V
  • Windows XP and Server 2003 migration to Windows 7 and Server 2008/Exchange 2007
  • SQL Server 2005
  • Active Directory migration and redesign based on Windows Server 2012 R2
  • Hyper-V failover/replica setup
  • JBoss on Windows
  • System/infrastructure architecture
  • AD concept planning/implementation, migration of the AD from 2008 to 2012/R2, cleanup of Server 2008 AD implementation after migration to 2012 R2
  • Astra phone system configuration
  • Exchange cross-forest migration (migration from an old, broken domain/forest to a newly created one, by exporting and importing databases, adjusting Exchange settings regarding the domain/forest)
  • Splunk evaluation
  • AirWatch
Sep 2010 - Dec 2016
6 years 4 months
Spain

Network & System Administration

Crossworxs S.L.

  • Network and server support
  • Linux/Unix, FreeBSD
  • Cisco ASA, Catalyst switches
  • NAS/iSCSI storage
  • OpenX administration and performance optimization
  • NetApp MetroCluster cDot and 7-Mode, EMC Isilon storage systems
  • Sophos UTM, Sophos Mobile Control
  • Security hardening on Linux and kernel level
  • Customization and personalization (compiling) of Linux kernel
  • DDoS protection
  • JBoss, Apache
  • English communication with developers from India and Pakistan
  • KVM-based virtualization, Nova, Cinder, OpenStack installation/management
  • Docker implementation for software solutions
  • Chef server implementation, building a private cloud
  • Research and testing with AWS regarding offloading services (modularity/flexibility/costs)
  • Splunk implementation/test runs
  • Apache Cassandra, Hadoop, CouchDB, Nginx, pfSense, OPNSense
  • Backend cloud computing/microservices via containerization, Kafka
  • System/infrastructure architecture, ModSecurity, AirWatch
May 2009 - Dec 2014
5 years 8 months

IT Engineer

Dell Inc. / Perfect Staff GmbH

  • vSphere v3.x–v5.x
  • WatchGuard firewall, network analysis
  • Windows Server/mail setup/repair (2008/R2/Exchange 2007/2017)
  • Fiber Channel setup/troubleshooting, 10GB network setup
  • Cisco firewall, SuSE Professional installation, Check Point firewall
  • Dell switches, Dell SAN (FC/iSCSI)
  • Dell/HP hardware (laptops/servers)
Apr 2009 - Apr 2009
1 month

IT Administrator

Frank-Confections GmbH

  • Configuration and installation of Server 2003 with multiple Mac OS X clients
Jan 2009 - Present
16 years 9 months

Managing Director

Far Galaxy Networks

  • Leading and managing internal projects using Scrum, Kanban, and Jira
  • Internal wikis: DocuWiki, migration to xWiki
  • In-house web, Exchange, and file servers, Chocolatey, PowerShell
Oct 2008 - Mar 2009
6 months

System Administrator

IT-IS AG / Haak-Saheem GmbH

  • Windows Server configuration, ISA Server configuration
  • Installation and configuration of Red Hat Linux
Jan 2007 - Dec 2007
1 year

Network Support, System Administration

Level5 Media GmbH

  • Network support, system administration
  • FreeBSD load balancer, OpenBSD firewall, Linux load balancing
  • Sendmail, Bind DNS, Apache, MySQL
  • HP switches, Cisco switches
  • Hardening and securing BSD and Linux systems
  • Communication in English with network support technicians in the Netherlands
Apr 2006 - Present
19 years 6 months

Linux Systems Administrator

Netextend GmbH

  • Debian Linux systems
  • Nagios monitoring
  • IDS with Snort or Astaro Firewall appliance
Apr 2006 - Dec 2010
4 years 9 months
Austria

Linux Web Server Administrator

Flashlabs Austria

  • Linux web server configuration and troubleshooting
Mar 2006 - Present
19 years 7 months

Network, Server & System Administration

4C Group AG

  • Network, client, and server support
  • Windows 2003/2008/R2, Exchange 2003/2007, FreeBSD
  • Windows clients (Windows 7, XP, 2000, Vista)
  • Cisco PIX/ASA firewall, Catalyst switches, etc.
  • VMware ESX (Virtual Infrastructure), Citrix XenServer, Citrix XenApp, Citrix VDI
  • Dell servers (2950, 2900, …), Dell PowerVault MD3000i/3600i, Cisco ASA/PIX, MPLS network
  • Planning/testing phase and rollout of Windows XP, migration to Windows 7 client with specialized Centertools DriveLock encryption and security policy
  • Windows Server 2003/Exchange 2003 migration to Server 2008(R2)/2012R2/Exchange 2010/2013
  • SQL Server 2000 migration to SQL Server 2005/2008/2008R2/2012/2014 and SQL Server 2008 R2
  • SharePoint 2010
  • PBX configuration (Astra system, Siemens, Asterisk)
  • DATEV (TS setup)
  • Active Directory migration from 2003 to 2008/R2 and 2012
  • System Center Essentials 2010, then upgrade project from SCE 2010 to SCCM 2012 (deployment and packaging)
  • OpenStack evaluation via test system (installation/configuration/optimization)
  • AWS cloud implementation/automation, AirWatch
  • Extreme/Enterasys switch network management, NetSight
  • Jitsi/Jibri
Mar 2006 - Present
19 years 7 months

Linux Server Configuration, Client Support

Performance Factory GmbH

  • Linux server configuration
  • Client support for Windows and Mac workstations
Mar 2006 - Mar 2008
2 years 1 month

Network & Server Support

Media Solutions GmbH

  • Network and server support
  • Windows 2003, Exchange 2003
  • ISA Server 2000 and 2006
  • VMware Server (GSX Server)
  • Nagios monitoring, WebTrends 8/SDC
  • Apache, Linux (Red Hat, Debian)
Mar 2006 - Mar 2006
1 month
Estonia

Linux Support

Kairosenterprises OÜ

  • Linux support
  • Bind nameserver configuration
  • Postfix mail server
Feb 2006 - Dec 2014
8 years 11 months
Munich, Germany

Network & Server Support, Project Management

Compleo AG

  • Network and server support
  • RedHat/CentOS Linux mail server and project management
Nov 2005 - Dec 2008
3 years 2 months
Frankfurt, Germany

SuSE Linux support

Spieletips GmbH

  • SuSE Linux support
  • Nortel AD300/400 switch load-balancing setup
Sep 2005 - Dec 2011
6 years 4 months
Zürich, Switzerland

Gentoo Linux server support

E-Devinvent GmbH

  • Gentoo Linux server support
  • Juniper/Cisco/HP/Zyxel switches (managed), Cisco ASA firewall
  • OpenBSD load balancing setup with HAProxy, Nginx, Apache, Lighttpd, Bind
  • MySQL and PostgreSQL including cluster setup, iSCSI setups, NFS, failover management (SAN)
  • Dell Intel/HP/Ratitan hardware
  • OpenX configuration and setup
  • Xen hypervisor, VMWare vSphere
  • OpenBSD PF firewall including CARP load balancing and failover
  • PXE setup, DHCP, PFSense, Open
  • Encryption of tunnels, IPSec Free/Open and Strongswan
  • FreeBSD, KVM virtualization, IPv6 migration
  • CheckPoint firewall, DDoS protection
  • HP-UX and AIX systems
  • NetAPP MetroCluster cDot and 7-Mode and EMC Isilon storage systems
  • Tomcat, JBoss, Jetty, Jenkins
  • Splunk introduction into operations, MOD Security
  • English communication with technicians and staff in the Netherlands
Nov 2004 - Jan 2005
3 months

Programmer and Administrator

Compusafe Data Systems AG

  • Programming and administration of a heterogeneous network
Mar 2004 - Present
21 years 7 months

Network, client, and server support

Rottmanns IT Services

  • Network, client, and server support
  • Windows 2003/2008/R2, Exchange 2003/2007, FreeBSD
  • Windows clients (Windows 7, XP, 2000, Vista)
  • Cisco PIX/ASA firewall, Catalyst switches, etc.
  • VMWare ESX (Virtual Infrastructure)
  • Dell servers (2950, 2900, …), Dell PowerVault MD 3000i
  • Cisco ASA/PIX, MPLS network
  • Planning/test phase and rollout of Windows XP migration to Windows 7 clients with special Centertools DriveLock encryption and security policy
  • Windows Server 2003/Exchange 2003 migration to Server 2008 (R2)/Exchange 2010
  • SQL Server 2000 migration to SQL Server 2005 and SQL Server 2008 R2
  • SharePoint 2010
  • Telephone system configuration (Aastra system, Siemens, Asterisk)
  • DATEV (TS setup)
  • Active Directory migration from 2003 to 2008/R2 and 2012
  • Tomcat, JBoss, Jenkins
  • Exchange cross-forest migration (migration from an old defective domain/forest to a newly created one by exporting and importing the databases), adjustment of Exchange settings regarding the domain/forest
Mar 2004 - Jan 2005
11 months

Programmer and Administrator

MKW GmbH

  • Programming and administration of a heterogeneous network
Feb 2001 - Sep 2004
3 years 8 months

System Server Support, IT Training Preparation

Prokoda Training und Services GmbH

  • Support of system servers and preparation of IT training (Windows in all versions, Linux from version 6.4 to 8.2 – Professional and Personal, SuSE Linux Enterprise Server 7.0 to 8.0 and SuSE Open-exchange Server)
  • Specifically preparation and upgrades of SuSE Linux installations
  • Extreme, Cisco, and HP managed switches
  • AD planning for training courses, preparation of AD migration courses
  • Airwatch
  • Extreme/Enterasys switch network management, Netsight
Feb 2001 - Apr 2003
2 years 3 months

Heterogeneous Network Support

Belenus GmbH

  • Support of a heterogeneous network of Windows NT and FreeBSD machines
  • Administration of HP-UX and AIX systems
  • AD management based on Server 2003
Jan 2001 - Mar 2003
2 years 3 months

IT Consultant

Coromandel GmbH

  • Various projects in heterogeneous networks for different clients (drug counseling, real estate agents, social institutions)
Sep 2000 - Dec 2002
2 years 4 months

Linux Administrator, PHP Programmer

Thinkconnection

  • Linux administration (RedHat 6.3 – 7.2 and SuSE 6.4 – 7.3) for various clients (event agencies, law firms, tax consultants, investment advisors, German Ski Association)
  • Additionally PHP programming for a client web interface for Thinkconnection and for various websites
  • Domino and Lotus Notes
Apr 1999 - Mar 2000
1 year

Perl/PHP Programmer, Linux Server Administrator

Mercateo AG

  • Perl, PHP programming
  • Linux server administration (SuSE 6.4)
  • Analysis of Apache logs

Summary

  • Installation, configuration, and administration of Windows Server in general, as well as all common Linux distributions and their servers (DNS, SQL, Apache, Tomcat, NginX, SELinux, etc.)

  • Installation and configuration of MS software SharePoint, AD, PowerShell, Exchange

  • Virtualization, geo-redundancy, Nova, Cinder, OpenStack

  • Backups, recovery, data protection, and encryption

  • Network support, firewall (installation and configuration) and penetration testing, security analysis, Sophos Mobile Control

  • Cloud implementation. MySQL, MariaDB, PostgreSQL, MongoDB. Java, Eclipse, Maven, Git

  • Stress-resistant

  • Meticulous

  • Analytical

Languages

German
Native
English
Advanced

Education

Oct 1999 - Jun 2004

Fern University in Hagen

Diploma in Computer Science · Computer Science · Hagen, Germany

Certifications & licenses

LPIC-2

SÜ2

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Frank E.

DevOps

View Profile
Alexander W.

Senior IT Consultant

View Profile
Christian F.

Architecture Management

View Profile
Konstantinos M.

IT System Engineer / Senior Service Desk Consultant

View Profile
Ales L.

Senior DevOps Consultant (Freelance)

View Profile
Florian B.

Jitsi - Video conferencing system with AI-powered simultaneous translation (Prototype)

View Profile
Jürgen F.

AR/VR/XR Architect

View Profile
Patrick E.

Freelancer | Kubernetes Expert (Kubestronaut) | Cloud Engineer

View Profile
Tezcan D.

Solution Architect / Project Manager

View Profile
Jens R.

System Architect, Enterprise Architect

View Profile
Reza S.

SRE Engineer

View Profile
Alagi M.

Project Manager & IT Security Architect Logging & Monitoring for QRadar & Splunk, ISO 27001

View Profile
Martin G.

Member of the Product Management and Product Owner Team for Private Cloud Platform

View Profile
Pierre G.

Senior Consultant in Cloud Computing, IT Security, IT Compliance, and Automation Architect

View Profile
Andreas S.

Lead Developer

View Profile
fratch Part of Bitkom logo
linkedIncrunchbaseyoutube
  • English
  • Deutsch

2025 © FRATCH.IO GmbH. All rights reserved.