Since the beginning of 2024, I have been working once again with RWE Supply & Trading. Within this project, I implemented the group-wide security guidelines for critical infrastructure and cloud-based applications. In preparation, I conducted comprehensive audits, modernised legacy components, and resolved technical debt across several complex frontend and backend systems (Java 21, .NET 9, C#, TypeScript, Angular) used by globally operating trading desks. I aligned these systems with a unified, forward-looking DevSecOps strategy (Azure DevOps, build pipelines, Infrastructure as Code, Terraform, AWS and Azure providers). Subsequently, I significantly advanced and implemented key security areas?threat modelling, encryption, identity & access management, secrets management, backup & recovery, logging & monitoring, and the automation of security controls (including Azure Advanced Security, Orca, AWS Inspector, and Terraform)?for all mentioned applications. The engagement concludes at the end of December, with all objectives achieved and every work package successfully delivered.
After successful implementation, I requested that my position be filled by internal employees. I was involved in the HR process, interviewed suitable candidates, and worked with the product owner to find a viable solution
Strategic, group-wide reporting system for fulfilling all regulatory requirements in the REMIT environment, fully qualified RRM with more than 1,000 clients, > 4 million transactions per year, strict client separation
Consulting OSGi, Java Instrumentation
AOP and Bytecode Manipulation
Connection from Mule ESB and Tibco Business Works to nJAMS
Zertifikat
Fullstack Developer
Software Architect
Hybrid Cloud Solution Architect
Technical Project Lead
Profile:
I am particularly interested in complex architecture and development tasks. I am a full-stack developer (front-end and back-end) with over 25 years of project experience. Daily training enables me to offer state-of-the-art solutions in the areas of Java, Kotlin, microservices, DevOps, and cloud computing. I am characterized by an unconditional will to succeed, pragmatic approaches to solutions, a fast pace of work, an enjoyment of a wide variety of technologies, and an enthusiasm for making a difference as part of a team.
Key Skills
Languages
German | Native
English | fluent / business-proficient
Frameworks
Microservices, Quarkus, Spring Boot, Spring GraphQL, Spring Webflux, Spring Cloud, AxonIQ, Java Microprofile, JEE Container, Apache Camel, Apache Spark, OSGi, Drools, Guvnor, JBPM, Flowable, Lombok, RxJava, ReactiveX, Flyway, Liquibase, JAXB, JPA, Hibernate, Mockito, Spock, Selenium, Pandas, NumPy, PyTorch, Seaborn, LangChain, LangGraph, MCP, RAG
Security
PKI, SAML, OAuth2.0, OpenID Connect 2.0, EntraID, Keycloak, JWT, RBAC, OWASP, BSI, AWS SecurityHub, AWS IAM RolesAnywhere, AWS GuardDuty, AWS Secrets Manager, AWS KMS, AWS Policies and SecurityGroups, AWS Inspector, Azure Key Vault, GitHub Advanced Security for Azure DevOps
Communication Standards
ActiveMQ, Apache Kafka, AWS SQS, AWS STN, REST, GraphQL, OpenAPI, Swagger, SOAP, XML, XSLT, gRPC, Google Protobuf, JSON, GSON, RMI, CORBA, TCP/IP, UDP, DNS, SMTP, IMAP, SSL/TLS, PGP
DevOps
Azure DevOps, AWS CloudWatch, ECS, EC2, CloudMap, Route53, EKS, Orca, SonarQube, JFrog, Nexus, Jenkins, TestNG, Junit, Spock, Cucumber, Mockito, Apache Maven, Gradle, Docker, git, Gitlab, Kubernetes, Helm, Terraform, Ansible
Frontend
Node.js, NPM, PNPM, yarn, eslint, Vite, Vitest, React Router 7, Angular, CSS3, Tailwind 4, shadcn/ui, D3, PWA, SPA, SSR, Storybook, Design Systems
Tools
IntelliJ, WebStorm, VSCode, CLion, PyCharm, Eclipse, Jupyter, Figma, Sparx Systems Enterprise Architect, UML, LeanIX, Prometheus, Grafana
Focus
Software Engineering, Software Architecture, Technische Projektleitung, Entwicklung, Coaching, Reviews, SCRUM, Kanban, Archimate, Arc42, TOGAF
Special Interests
Mathematics (graph theory, statistics, linear algebra), deep learning, DevOps, cloud strategies, identity and access management, cloud security, clean code, agile methods, microservices, UI technologies (WebAssembly with Rust), pragmatic solutions
Certificates
iSQI CPSA-F Software Architect
Stanford University Machine Learning
Neo4j Neo4j Certified Professional
Project Reports
As technical lead and developer, I designed and built the regulatory reporting platform for REMIT reporting of physical and financial energy trading transactions as a SaaS solution for the RWE Group between 2015 and 2022. The platform is a fully certified RRM (Registered Reporting Mechanism), approved by ACER across Europe. Today, all RWE subsidiaries and more than 1,000 trading partners rely on this service.
Afterwards, EnBW AG engaged me to modernise its on-premises reporting infrastructure for the EMIR and REMIT regulatory regimes and to migrate it in alignment with the company?s hybrid cloud strategy (Azure and AWS) from January 2023 onward. Instead of continuing to extract transactions directly from the trading system, we introduced an event-driven microservice architecture using Spring Boot and Kafka to eliminate tight coupling between components.
I also supported Talanx AG in the implementation of its portfolio management platform for institutional clients, gaining deep insights into domain-driven design, event sourcing, and CQRS.
Since the beginning of 2024, I have been working once again with RWE Supply & Trading. Within this project, I implemented the group-wide security guidelines for critical infrastructure and cloud-based applications. In preparation, I conducted comprehensive audits, modernised legacy components, and resolved technical debt across several complex frontend and backend systems (Java 21, .NET 9, C#, TypeScript, Angular) used by globally operating trading desks. I aligned these systems with a unified, forward-looking DevSecOps strategy (Azure DevOps, build pipelines, Infrastructure as Code, Terraform, AWS and Azure providers).
Subsequently, I significantly advanced and implemented key security areas?threat modelling, encryption, identity & access management, secrets management, backup & recovery, logging & monitoring, and the automation of security controls (including Azure Advanced Security, Orca, AWS Inspector, and Terraform)?for all mentioned applications. The engagement concludes at the end of December, with all objectives achieved and every work package successfully delivered.
Since the beginning of 2024, I have been working once again with RWE Supply & Trading. Within this project, I implemented the group-wide security guidelines for critical infrastructure and cloud-based applications. In preparation, I conducted comprehensive audits, modernised legacy components, and resolved technical debt across several complex frontend and backend systems (Java 21, .NET 9, C#, TypeScript, Angular) used by globally operating trading desks. I aligned these systems with a unified, forward-looking DevSecOps strategy (Azure DevOps, build pipelines, Infrastructure as Code, Terraform, AWS and Azure providers). Subsequently, I significantly advanced and implemented key security areas?threat modelling, encryption, identity & access management, secrets management, backup & recovery, logging & monitoring, and the automation of security controls (including Azure Advanced Security, Orca, AWS Inspector, and Terraform)?for all mentioned applications. The engagement concludes at the end of December, with all objectives achieved and every work package successfully delivered.
After successful implementation, I requested that my position be filled by internal employees. I was involved in the HR process, interviewed suitable candidates, and worked with the product owner to find a viable solution
Strategic, group-wide reporting system for fulfilling all regulatory requirements in the REMIT environment, fully qualified RRM with more than 1,000 clients, > 4 million transactions per year, strict client separation
Consulting OSGi, Java Instrumentation
AOP and Bytecode Manipulation
Connection from Mule ESB and Tibco Business Works to nJAMS
Zertifikat
Fullstack Developer
Software Architect
Hybrid Cloud Solution Architect
Technical Project Lead
Profile:
I am particularly interested in complex architecture and development tasks. I am a full-stack developer (front-end and back-end) with over 25 years of project experience. Daily training enables me to offer state-of-the-art solutions in the areas of Java, Kotlin, microservices, DevOps, and cloud computing. I am characterized by an unconditional will to succeed, pragmatic approaches to solutions, a fast pace of work, an enjoyment of a wide variety of technologies, and an enthusiasm for making a difference as part of a team.
Key Skills
Languages
German | Native
English | fluent / business-proficient
Frameworks
Microservices, Quarkus, Spring Boot, Spring GraphQL, Spring Webflux, Spring Cloud, AxonIQ, Java Microprofile, JEE Container, Apache Camel, Apache Spark, OSGi, Drools, Guvnor, JBPM, Flowable, Lombok, RxJava, ReactiveX, Flyway, Liquibase, JAXB, JPA, Hibernate, Mockito, Spock, Selenium, Pandas, NumPy, PyTorch, Seaborn, LangChain, LangGraph, MCP, RAG
Security
PKI, SAML, OAuth2.0, OpenID Connect 2.0, EntraID, Keycloak, JWT, RBAC, OWASP, BSI, AWS SecurityHub, AWS IAM RolesAnywhere, AWS GuardDuty, AWS Secrets Manager, AWS KMS, AWS Policies and SecurityGroups, AWS Inspector, Azure Key Vault, GitHub Advanced Security for Azure DevOps
Communication Standards
ActiveMQ, Apache Kafka, AWS SQS, AWS STN, REST, GraphQL, OpenAPI, Swagger, SOAP, XML, XSLT, gRPC, Google Protobuf, JSON, GSON, RMI, CORBA, TCP/IP, UDP, DNS, SMTP, IMAP, SSL/TLS, PGP
DevOps
Azure DevOps, AWS CloudWatch, ECS, EC2, CloudMap, Route53, EKS, Orca, SonarQube, JFrog, Nexus, Jenkins, TestNG, Junit, Spock, Cucumber, Mockito, Apache Maven, Gradle, Docker, git, Gitlab, Kubernetes, Helm, Terraform, Ansible
Frontend
Node.js, NPM, PNPM, yarn, eslint, Vite, Vitest, React Router 7, Angular, CSS3, Tailwind 4, shadcn/ui, D3, PWA, SPA, SSR, Storybook, Design Systems
Tools
IntelliJ, WebStorm, VSCode, CLion, PyCharm, Eclipse, Jupyter, Figma, Sparx Systems Enterprise Architect, UML, LeanIX, Prometheus, Grafana
Focus
Software Engineering, Software Architecture, Technische Projektleitung, Entwicklung, Coaching, Reviews, SCRUM, Kanban, Archimate, Arc42, TOGAF
Special Interests
Mathematics (graph theory, statistics, linear algebra), deep learning, DevOps, cloud strategies, identity and access management, cloud security, clean code, agile methods, microservices, UI technologies (WebAssembly with Rust), pragmatic solutions
Certificates
iSQI CPSA-F Software Architect
Stanford University Machine Learning
Neo4j Neo4j Certified Professional
Project Reports
As technical lead and developer, I designed and built the regulatory reporting platform for REMIT reporting of physical and financial energy trading transactions as a SaaS solution for the RWE Group between 2015 and 2022. The platform is a fully certified RRM (Registered Reporting Mechanism), approved by ACER across Europe. Today, all RWE subsidiaries and more than 1,000 trading partners rely on this service.
Afterwards, EnBW AG engaged me to modernise its on-premises reporting infrastructure for the EMIR and REMIT regulatory regimes and to migrate it in alignment with the company?s hybrid cloud strategy (Azure and AWS) from January 2023 onward. Instead of continuing to extract transactions directly from the trading system, we introduced an event-driven microservice architecture using Spring Boot and Kafka to eliminate tight coupling between components.
I also supported Talanx AG in the implementation of its portfolio management platform for institutional clients, gaining deep insights into domain-driven design, event sourcing, and CQRS.
Since the beginning of 2024, I have been working once again with RWE Supply & Trading. Within this project, I implemented the group-wide security guidelines for critical infrastructure and cloud-based applications. In preparation, I conducted comprehensive audits, modernised legacy components, and resolved technical debt across several complex frontend and backend systems (Java 21, .NET 9, C#, TypeScript, Angular) used by globally operating trading desks. I aligned these systems with a unified, forward-looking DevSecOps strategy (Azure DevOps, build pipelines, Infrastructure as Code, Terraform, AWS and Azure providers).
Subsequently, I significantly advanced and implemented key security areas?threat modelling, encryption, identity & access management, secrets management, backup & recovery, logging & monitoring, and the automation of security controls (including Azure Advanced Security, Orca, AWS Inspector, and Terraform)?for all mentioned applications. The engagement concludes at the end of December, with all objectives achieved and every work package successfully delivered.