Professional focus of this freelancer

Kubernetes & OpenShift - AWS Solution Architecture - Monitoring with Elastic Stack - Cloud Security - Security Monitoring, Consulting, Coaching

Available from
May 4, 2020
Availability
100 %
on customer site
80 %
Areas

D4

D5

Cities
Düsseldorf
100 km
Contact Settings

I prefer getting offers for these sites. However, you may also contact me for interesting projects in other places.

Projects

10/2019 - Today

5 months

Cloud Foundation & Governance Workshop

Roles
Consultant
Tasks

The Workshop is the Kickoff Event of a Cloud Foundation & Governance Program. The Objective is to enable many Development and On-premise Operations teams to move smoothly to the Cloud.

Activities

Concepts Presentations, Consulting, Experience Sharing, Recommendations.

Concepts, Techniques

Landing Zone, Continuous Compliance, Automation, DevOps Workflows.

Skills

GCP (Google Cloud Platform)

VPC

VPN

Cloud Storage

GKE (Google Kubernetes Engine)

Cloud Audit Logs

VPC Flow Logs

Event Threat Detection

Cloud Data Loss Prevention

CloudMesh

07/2019 - Today

8 months

Cloud Development

Roles
Cloud DevSecOps Architect
Tasks

Several AWS Cloud Products: AWS Serverless File Orchestration Platform, AWS Config Rules Development, OpenDistro for Elasticsearch, EC2 Metrics Dispatcher, Web Proxy for AWS Elasticsearch, JSON Logging.

Activities

Concept, Architecture, Design, Configuration and Software Development.

Methods, Techniques

Continuous Compliance, Infrastructure as Code, Automated Cloud Configuration and Discovery

Skills

Terraform

Packer

AWS IAM

AWS Glue

AWS EC2

AWS VPC

AWS Lambda (Java)

AWS SDK

AWS SQS

AWS Secrets Manager

AWS AMI

Java SFTP API

AWS Config

AWS CloudWatch Metrics/Logs/Logs Insights

MetricBeat

Logstash

OpenDistro for ElasticSearch

AWS Elasticsearch

Kibana

OpenID Connect

KeyCloak

06/2019 - 07/2019

2 months

Continuous Cloud

Roles
Cloud DevSecOps Architect
Customer
Compliance & Security (PoC)
Tasks

Automating Cloud Compliance Verification, Vulnerability Scanning and Threat Detection. Findings cover: Violated AWS account and workload settings, Violated Network and AWS Cloud Account Access Activities and VM Vulnerabilities. Incorrect Configurations and identified Threats are reported automatically to a SIEM (Security Information & Event Management System).

Activities

High Level Concept, Researching Tools and existing Solutions, PoC implementation, Incident Simulation

Methods, Techniques

Continuous Compliance, Vulnerability Scanning, Threat Detection, Automation, Anomaly Detection, Automated Incident Response

Skills

AWS EC2

AWS VPC

AWS Lambda

AWS GuardDuty

AWS Config

AWS Inspector

AWS Security Hub

AWS CloudTrail

AWS CloudWatch

FunctionBeat

Logstash

ElasticSearch

Ingestion Pipelines

Kibana

01/2019 - 05/2019

5 months

Cloud Governance

Roles
Cloud DevSecOps Architect
Customer
Retail
Tasks

Enabling 100+ Software Solutions’ Teams to natively provision and own Google Cloud Infrastructure and manage Google Projects (Costs & Security) transparently & smoothly.

Activities

Organizational and Technical Concepts, Interviewing Teams and Management, Implementing Proofs of Concept (Hybrid Cloud Service Mesh, Dynamic Secret Service for Containers, Dynamic Cloud Cost Distribution, Project IAM), Terraform Blueprints (Dedicated VPCs, Private GKE, Private Vault Cluster), Consulting, Presenting results to Management, Handing over to Platform Team.

Methods, Techniques

Dynamic Secrets, Service Mesh (Dynamic Discovery, Resilience), Dynamic Microservices Security (Authentication, Authorization & Encryption), E2E Secure Connectivity to On-Premise Services, Cloud Billing Distribution, Google Folder/Projects Management, Roles & Rights in Cloud & Kubernetes, Secure Introduction of Cloud and Micro-Services Clients, Audit Logs.

Skills

Terraform

HashiCorp Vault

Vault Agent (Auto-Authentication & Caching)

HashiCorp Consul

Consul Connect

Istio

Helm

Jira

Confluence

GIT

GitLab CI

Google Cloud: IAM

VPC

GCE

GKE (private cluster)

Network

KMS

ILB

NAT

BigQuery

Stackdriver

11/2018 - 11/2018

1 month

Application Security Workshop

Roles
Trainer, Consultant
Customer
Energy
Tasks

This Workshop presents an Overview of Methods and Tools that enable developing and monitoring Secure Application Software on Docker Platforms (Kubernetes) and in the Cloud (Amazon Web Services).

Activities

Consulting, Preparation of Workshop materials, Demo, Hands-on Training, Recommendations

Methods, Techniques

Compliance, Threat Modeling, Privacy by Default, Blueprints, Proof-of-Concepts, Security Automation, Network Segmentation, OWASP Top 10, Static & Dynamic Security Testing, Web Penetration Testing, Web App Firewall, Container Firewall, Secret Management, Identity Management, Data Encryption (in Transit & at Rest), Key Rotation, Audit Logs, Events Correlation, Anomaly Detection, Alerting.

Skills

AWS

IAM

Cognito

Lambda

API Gateway

Web Application Firewall

GuardDuty

Certificate Manager

KMS

EC2

S3

Route53

EBS

ELB

CloudTrail

VPC Flow Logs

Kops (Kubernetes)

Calico

KubeAudit

Keycloak

Vault

Consul

Terraform

Vagrant

NeuVector

Elastic Stack

ElastAlert

OWASP ZAP

03/2018 - 10/2018

8 months

Digital (eGovernment) Platform Security

Roles
Security & Technical Solution Architect
Tasks

Social Data Protection, Zero-Trust Security Solution and Self-Audit Framework of a Digital (eGovernment) Platform (OpenShift/Kubernetes and Docker RESTful micro-services). This platform serves social insurance agencies.

Activities

Introducing Zero-Trust Security Solution Architecture, Starting Security Program, Security Risk Assessment with Product Management, Security Concept, Documenting & Prioritizing Security Backlog, Implementing Proof of Concepts, Documentation, Coaching Product Management and Architects & Development Teams, Hand-Over to Product Management, Development and Operations Teams.

Methods

Cloud Security Alliance Guidance, GDPR, CIS-RAM, CIS Kubernetes & Docker Benchmarks, Dynamic Secrets, Scalable and Secure Access with Vault PKI, OWASP (Open Web Application Security Project), Vulnerability Scanning, Penetration Testing, Secure Software Build Pipeline, Continuous Delivery.

Skills

Docker

OpenShift

HashiCorp Vault

RESTful API

OpenID Connect

SSO

Keycloak

Wildfly

MariaDB

HAProxy

Logstash

ElasticSearch

Beats

Kibana

Jira

GIT

JEE

JMS

JMX

09/2018 - 09/2018

1 month

Vault Practice Workshop (eGovernment)

Tasks

This Workshop trains software developers and DevOps on security concepts (workflows, separation of responsibilities, secret paths, roles, authentication backends, secret backends, and policies). Additionally, the practical part covers static and dynamic secrets, Vault-Kubernetes authentication backend, Automating PKI (Key/Certificate) Management, Data Encryption.

Methods, Techniques

Security by Design and by Default, Accountability (Audit-Logs), High Availability.

Skills

Hashicorp Vault

Hashicorp Consul

OpenShift/Kubernetes

MariaDB

Nginx

Docker

09/2018 - 09/2018

1 month

Security Analytics Workshop (Aviation)

Roles
Trainer, Consultant
Tasks

This Workshop presents Security Monitoring and Analytics features of the Elastic Stack. Additionally, a tactical analysis methodology is presented to increase analysis efficiency and minimize false positives.

Activities

Consulting, Preparation of Workshop materials, Demo, Recommendations

Methods, Techniques

SIEM (Security Information and Event Management) Basics, Tactical Analysis, Anomaly Detection, Alerting, Automated Prioritization and Filtering of Security Events, Minimizing False Positives.

Skills

ElasticSearch

Beats

Logstash

Kibana

Vagrant

Amazon Web Services (EC2, S3, Route53, EBS, ELB)

Kops (Kubernetes)

10/2017 - 03/2018

6 months

Digital (eGovernment) Platform Performance Monitoring

Roles
Technical Solution Architect
Tasks

Process (End2End) & Infrastructure Performance Monitoring Solution to monitor, detect and present performance bottlenecks of an eGovernment (Digital) Platform (OpenShift/Kubernetes and Docker RESTful microservices). This platform serves social insurance agencies.

Activities

Solution Architecture, Performance Monitoring Workshop, Monitoring Concept, Metrics & Logs Collection, Layers Dashboards design and implementation (Process Overview, RESTful API Performance, Docker Containers, Java Virtual Machine, Database Performance), Proof of Concept, Scripting, Deployment, Test, Performance (Metrics/Logs) Analysis and Correlating Events/Bottlenecks, Documentation, Rollout, Coaching and Knowhow Transfer, Handover to development teams.

Methods

Continuous Delivery, Continuous Testing, Continuous Improvement, Event Sourcing, CQRS (Command Query Responsibility Segregation)

Skills

Docker

OpenShift

OC

JEE

JMS

JMX

RESTful API

WebSocket

OpenID Connect

SSO

Keycloak

Wildfly

MariaDB

HAProxy

Logstash

ElasticSearch

Beats

Kibana

Timelion

Jolokia

JMeter

GIT

12/2017 - 01/2018

2 months

Cloud Data Security (PoC)

Roles
Technical Solution Architect/DevOps Engineer
Tasks

A secure Kubernetes Platform running on top of AWS infrastructure. Administrative access follows the least privilege concept; data is encrypted; data integrity, availability and replication controls are implemented.

Activities

Research, Implementation, Integration, Testing

Methods/Benchmarks

AWS Security Best Practices, CIS AWS Foundations Benchmark, CIS Benchmark for Kubernetes, Infrastructure-as-Code

Skills

Tectonic Kubernetes

Kubernetes RBAC

Pod Security Policy

Terraform

Amazon Web Services: S3

IAM

KMS

EC2

EBS

CloudTrail

HashiCorp Vault

07/2017 - 09/2017

3 months

Digital Platform Monitoring

Roles
Technical Solution Architect
Customer
Energy
Tasks

Rollout Elastic stack (ElasticSearch, Logstash, Beats, Kibana) to monitor Digital Platform Infrastructure (Kubernetes and Docker micro-services). This should monitor Docker based (micro-) services that promote & sell energy digital products

Activities

Solution Architecture, Monitoring Workshop, Monitoring & Alerting Concept, Metrics & Logs Collection, Dashboards design and implementation, Proof of Concept, Deployment, Test, Blue Prints, Documentation, Rollout & Handover to product teams.

Methods

Continuous Delivery

Skills

Continuous Delivery

Docker

Kubernetes

Amazon Web Services

CloudWatch

Lambda

Kinesis

DynamoDB

Amazon ElasticSearch

Logstash

ElasticSearch

Elastic Cloud

Beats

Kibana

Timelion

04/2017 - 06/2017

3 months

Docker Swarm

Roles
Technical Solution Architect & DevOps Engineer
Customer
Energy
Tasks

Rollout Docker Swarm to run Docker microservices. This should host and run Docker based (micro-) services that promote & sell energy digital products

Activities

Solution Architecture, Monitoring Concept, Metrics & Logs Collection with Elastic Beats and Splunk Forwarder, Proof of Concept, Blue Prints, DevOps Support, Deployment, Test, Documentation, Rollout & Handover to nearshore Operations team.

Methods

Continuous Delivery, Scrum

Skills

Continuous Delivery

Scrum

Docker

Docker Swarm

Microsoft Azure

Beats

Splunk

DockerFlow

Apache Web Server

RESTful API

Kibana

Gatling

10/2016 - 03/2017

6 months

Digitalization Platform

Roles
Product Owner & Solution Architect
Customer
Energy
Tasks

The Project aims at deploying and operating a Docker and WebApps cluster. It creates and implements an operations model in addition to the functional, management, monitoring and security requirements of a Cloud Platform. This should host and run Docker based (micro-) services to promote & sell energy digital products.

Activities

Leading DevOps Team, Roadmap definition, Release & Sprint Planning, Grooming, Research, Solution Architecture, Blue Prints, Consulting, Monitoring Concept with Elastic Beats, Implementation, Test, Documentation.

Methods

Continuous Delivery, Scrum, Scrumban, Kanban

Skills

Continuous Delivery

Scrum

Scrumban

Kanban

Community & Enterprise DC/OS

Mesos

Marathon

Docker Swarm

DockerFlow

MS Azure

Docker

RESTful API

Vault (HashiCorp)

Amazon Web Services

Splunk

Ansible

ElasticSearch

Beats

Kibana

03/2016 - 09/2016

7 months

E-Commerce & IoT Digitalization Platform

Roles
DevOps Team Lead & Coach
Tasks

An online marketplace to sell digital content that is used by kitchen machines. It serves about 1.5 million users worldwide.

Activities

Guiding and leading a DevOps team in operating, maintaining and developing a Global Component. Managing Functional & Operational Requirements Backlog. Grooming & Planning. Tracking & Reporting to different Streams & Management. Organizing with several other teams

Methods

Scrumban, Kanban, SAFe (Scaled Agile Framework), Continuous Delivery, Agile Metrics, Predictability, Agile Forecasting

Skills

Scrumban

SAFe (Scaled Agile Framework)

Continuous Delivery

Products

Polarion

Jira

Jenkins

Docker

AWS (Amazon Web Services)

Hazelcast

Eureka

Nagios

Logstash

Kibana

Elastic Search

Hystrix

Grafana

Java

Spring Framework

Nginx

Telegraf

InfluxDB

Redis

12/2015 - 01/2016

2 months

Agile Metrics Workshop

Roles
Trainer, Consultant
Customer
Steel Manufacturing
Tasks

This Workshop aims at increasing Predictability and shortening delivery cycle times. The ultimate goal is to avoid guessing and systematically make accurate Agile Forecasting with proven methodologies.

Activities

Consulting, Preparation of Workshop materials, Recommendations

Skills

Kanban

Little's Law

Analysis with Cumulative Flow Diagram, Cycle Time Scatterplots, and Cycle Time Histogram

Projections

Simulations with SimML

Percentile based Forecasting

01/2015 - 12/2015

1 year

Migrating E-Learning Portal to Docker Containers Cloud

Roles
Project Manager, Cloud Architect
Tasks

Migration of an E-Learning platform that offers live and on-demand courses to professionals and students

Activities

Dockerizing Big Bundles Concept & Implementation

Orchestration Concept, Design & Implementation: Resiliency, Discovery, Automatic Configuration

Skills

Kanban

Docker

Mesos

Marathon

Consul

Elastic Search

04/2015 - 08/2015

5 months

Java 8 Rollout

Roles
Technical & Management Consultant
Customer
Energy
Tasks

Java Virtual Machines of more than 90 Java Applications (used by 4000+ employees) must upgrade to Java 8. This should resolve many security concerns and concerns about missing support for older JVMs.

Activities

Planning, Rollout coordination, Reporting

01/2015 - 03/2015

3 months

Health Insurance Portal

Roles
Interim Development Manager / Product Owner / Agile Coach
Tasks

A new generation Health Insurance Portal that enables officers to find information about insured persons much faster than the classic way.

Activities

Leading Development Teams, Coaching Scrum Masters, Product Owners & Teams, Introducing Self Organization & LeSS Practices, Organizing & Leading Retrospectives

Skills

Scrum

Scaling with LeSS (Large Scale Scrum)

JEE

01/2012 - 11/2014

2 years 11 months

Forming & Leading Development & Operations teams, Continuous Deployment Concept, Managing External Suppliers, Coordinating the DevOps activities, Coaching Scrum Masters, Coaching the product Owner

Roles
Project Manager, Solution Architect, Agile Coach
Customer
Traffic Information Portal
Tasks

Traffic Information Portal for the German Federal State North Rhine-Westphalia. This portal should enable car drivers, public transport passengers and bike riders to plan their directions and to get up-to-date and personalized information about traffic and possible delays on normal roads, highways and public transport.

Skills

Scrum-ban (Scrum + Kanban)

Liferay

JEE

Spring Framework

KVM

10/2010 - 07/2011

10 months

Agile Project Manager & Coach, Architect

Roles
Agile Project Manager & Coach, Architect
Customer
Promotion Definition Cockpit
Tasks

Promotion Definition Cockpit is a web application that automates and enhances marketing campaigns of a major mobile telecommunications provider in Germany.

Skills

Scrum

J2EE

Spring Framework

04/2010 - 01/2011

10 months

Customer Link DB & SIDCOM Mapper

Roles
Sub Project Manager, Agile Consultant
Tasks

CPCOM is a program that automates and enhances customer’s ordering processes of a major mobile & landline telecommunications provider in Germany

Skills

Hybrid (Scrum + Waterfall)

Tibco

J2EE

XML

XSL

09/2008 - 09/2009

1 year 1 month

Performance, Reliability & Serviceability Concept, Design & Implementation

Roles
Solution Architect, Consultant, Software Developer
Customer
Subscriber Profile Management
Tasks

MyCommunity is a program that integrates the subscriber’s social media contacts into his internet address book served by a major mobile & landline telecommunications provider in Germany

Skills

Waterfall

Spring Framework

Hibernate

06/2006 - 02/2008

1 year 9 months

Reliability & Serviceability Concept, Design & Implementation, Operations Support

Roles
Solution Architect, Consultant, Software Developer
Customer
Internet Surf Portal
Tasks

WebSessions is a mobile surf portal that enables prepaid subscribers to surf the internet right after payment. This portal has many interfaces to external & internal services. It enables a major mobile telecommunications provider in Germany to increase revenue of data services from prepaid customers.

Skills

Waterfall

Spring Framework

Hibernate

03/2006 - 08/2006

6 months

Solution Architect, Consultant, Software Developer, Operations Support

Roles
Solution Architect, Consultant, Software Developer, Operations S
Customer
SMS Handler
Skills

Waterfall

J2EE

Kannel (SMS Gateway)

11/2002 - 10/2005

3 years

Quality Gate for Resilience & Reliability, Developing Interfaces to new Data Services, Operations Support

Roles
Architect, Software Developer
Customer
General Service Provisioning
Skills

Waterfall

J2EE

JMS

SonicMQ

Weblogic

08/2004 - 06/2005

11 months

Negotiating/Coordinating Solutions with internal & external suppliers

Roles
Performance & Availability Manager
Customer
Global Intranet Operations
Tasks

Defining Performance, Availability & Serviceability Requirements for new Portal Software & Services

Finding Solutions for Status quo Problems

Skills

Profiling

JProfiler

Architecture Blueprints

Industries

  • Energy
  • E-Commerce
  • Telecommunications
  • Public Sector
  • Manufacturing
  • Insurance

Skills

Products / Standards / Experiences
Amazon ElasticSearch
Amazon Web Services
Apache Web Server
Beats
CloudWatch
Continuous Delivery
Docker
Docker Swarm
DockerFlow
DynamoDB
Elastic Cloud
ElasticSearch
Gatling
Kibana
Kinesis
Kubernetes
Lambda
Logstash
Microsoft Azure
RESTful API
Scrum
Splunk
Timelion

Practical Experiences 

  • Cloud Governance – Organization, Concept & Technologies.
  • Infrastructure-as-Code and Blueprints in AWS and GCP with Terraform and GitLab-CI. 
  • Service Mesh & Microservices Security with Consul Connect, Vault and Kubernetes.
  • Low-/Zero-Trust Security Microservices Architecture with Kubernetes, OpenShift & Vault. 
  • Monitoring (Availability & Performance) of Microservices on OpenShift & Kubernetes with Elastic Stack (Elasticsearch, Kibana, Beats, Logstash). 
  • Agile Methods: Scrum & Kanban.
  • DevOps Team Leadership/Management/Coaching.
  • Digitalization Product Ownership, Agile Project Management, Kanban, Scrum, LeSS (Large Scale Scrum), Agile Metrics, Agile Predictability, User Story Mapping. 
  • Cloud Security Alliance Guidance, GDPR, CIS-RAM (Risk Assessment Method), CIS Kubernetes & Docker Benchmarks, OWASP.

Language Skills
English
fluent
German
fluent

Key Aspects
  • Multi-Cloud Automation, Monitoring & Security (AWS, GCP, On-Premise & Kubernetes).
  • Concept & Implementation of Resilient & Scalable Cloud/Digital Platforms.
  • Cloud Governance Models - High Level Concepts & Technical Implementation.
  • Service-Mesh of Microservices and Legacy Applications.
  • Serverless Application Security.

Comments

Publications and Talks (on request)


Education and Training

01/2005 - 11/2009

4 years 11 months

Administration

Certification
Master of Business Administration
Institute
University of Wales

10/1989 - 06/1994

4 years 9 months

Telecommunications & Electro Physics

Certification
Bachelor of Science in Telecommunications & Electro Physics
Institute
Faculty of Engineering, University of Alexandria

Training History

Training & Certificates

09/2019

Mitigating Security Vulnerabilities on Google Cloud Platform

07/2019

Elastic Vulnerability Risk Management

06/2019

AWS Certified SysOps Administrator Associate

09/2018

Security Onion 101

07/2018

SIEM with Tactical Analytics - sans.org

05/2018

Ansible for Amazon Web Services

03/2018

Cloud Security Knowledge (CCSK) - CCSK V4 PLUS

02/2018

AWS Solutions Architect – Associate 2018

01/2018

Terraform - Beginner to Advanced

11/2017

AWS Security Specialty 2018

04/2017

Elastic Security

11/2016

Elastic Logging

04/2016

Amazon Web Services Architecture

09/2015

Kanban Ace
Certified Kanban Ace Trainer (Agilelion Institute)

02/2015

LeSS (Large Scale Scrum)
Certificate Certified LeSS Practitioner (The LeSS Company B.V.)

08/2014

Kanban Ace Coach
Certificate Certified Kanban Ace Coach (Agilelion Institute)

05/2014

Certified SAFe Agilist

04/2014

Kanban Ace Practitioner (Agilelion Institute)

08/2010 – 07/2012

Executive Training: Perception, Communications, Team Development, Feedback, Conflict Management, Leadership, Stress Management & Burnout.

04/2012

Passionate Product Ownership
Certificate Certified Scrum Product Owner (Scrum Alliance)

09/2011

Qualification to Certified Scrum Professional
Certificate Certified Scrum Professional (Scrum Alliance)

03/2010

Scrum in depth
Certificate Certified Scrum Master (Scrum Alliance)