Offenbach am Main (+200km) Frankfurt am Main (+200km)
Germany, Switzerland, Austria
possible
Projects
1 year 4 months
2025-01 - now
Implemented API security policies
Senior IT Consultant
Implemented API security policies (authentication, authorisation, access control) using Azure API Management (APIM), ensuring compliance with GDPR and regulatory security standards.
Integrated security quality gates into Azure DevOps CI/CD pipelines, incorporating automated security checks and SonarQube-aligned static code analysis practices into the deployment lifecycle.
Conducted CVE analysis and vulnerability assessments on migrated APIs and infrastructure components, deriving and implementing practical mitigation measures.
Implemented AIOps-aligned observability and application security monitoring stack (Azure Monitor, Log Analytics, Application Insights) for proactive anomaly detection and incident response.
Automated secure infrastructure provisioning using Terraform (IaC) and Ansible, enforcing security baseline configurations across Azure cloud environments.
Produced structured security documentation covering threat assessments, API configurations, compliance requirements and operational runbooks, ensuring clear knowledge transfer across teams.
Acted as central technical security liaison between development, network and security teams, coordinating Secure-by-Design principles and security requirements across the platform migration project.
Embedded Secure-by-Design and Secure Coding best practices across the full development lifecycle of a GDPR-compliant enterprise platform (Java/Spring Boot) serving BMW, Mercedes-Benz, Porsche, Lloyds Bank and Telefonica
Conducted source code analyses and SonarQube SAST scans on every build, proactively identifying and remediating security vulnerabilities (CVE analysis) in direct collaboration with development teams
Performed OWASP ZAP DAST testing against platform APIs and web interfaces, interpreted scan results and derived practical mitigation options discussed directly with developers
Conducted application threat modelling sessions, assessing feasibility and proportionality of security measures in alignment with OWASP Top 10 and BSI IT Baseline Protection principles
Translated abstract GDPR and security compliance requirements into concrete, development-ready technical tasks, acting as the central liaison between the security working group and engineering teams
Integrated OWASP Dependency Check into GitLab CI/CD pipelines for continuous software composition analysis (SCA) and third-party vulnerability tracking
Implemented authentication, authorisation and RBAC mechanisms (Spring Security, Keycloak, OAuth2/OpenID Connect) ensuring secure API access and identity management across microservices
Established automated end-to-end testing (Selenium/JUnit/Mockito) and enforced quality gates via SonarQube, achieving 80% test coverage and consistent security baseline across releases
Operated Kubernetes clusters (Argo CD) with Datadog and Application Insights for application security monitoring, alerting and anomaly detection; handled incidents with full RCA documentation
Planned and conducted practical secure coding training sessions for the development team, covering OWASP Top 10, common vulnerability patterns and secure API design
Drove DevSecOps practices including GitLab CI/CD pipeline hardening, AWS infrastructure provisioning via Terraform, and automated security task execution using Ansible
BusyLamp GmbH
Germany
1 year 10 months
2018-12 - 2020-09
Implemented enterprise-grade authentication and authorisation solutions
Full Stack Senior Developer
Implemented enterprise-grade authentication and authorisation solutions (Spring Security, OAuth2) across regulated banking platforms, ensuring compliance with strict security and access control requirements.
Designed and integrated REST APIs and enterprise system interfaces, ensuring interoperability and data consistency across distributed financial platforms.
Worked extensively with identity-related integration patterns including token-based authentication, session management and secure API access in high-security banking environments.
Collaborated directly with client security, architecture and business teams to analyse requirements, document solutions and ensure successful knowledge transfer.
Drove DevOps adoption (Jenkins, Maven, Git, CI/CD) and contributed to technical leadership, architecture reviews and developer mentoring across multiple client engagements.
European Central Bank (ECB), CACEIS Investors Services, Toronto Dominion (TD) Bank
Frankfurt, Munich, Germany, London, Canada
12 years 4 months
2006-09 - 2018-12
Implemented enterprise-grade authentication and authorisation solutions
Full Stack Senior Developer
Implemented enterprise-grade authentication and authorisation solutions (Spring Security, OAuth2) across regulated banking platforms, ensuring compliance with strict security and access control requirements
Designed and integrated REST APIs and enterprise system interfaces, ensuring interoperability and data consistency across distributed financial platforms
Worked extensively with identity-related integration patterns including token-based authentication, session management and secure API access in high-security banking environments
Collaborated directly with client security, architecture and business teams to analyse requirements, document solutions and ensure successful knowledge transfer
Drove DevOps adoption (Jenkins, Maven, Git, CI/CD) and contributed to technical leadership, architecture reviews and developer mentoring across multiple client engagements
European Central Bank (ECB), CACEIS Investors Services, Toronto Dominion (TD) Bank
Frankfurt, Munich, Germany, London, Canada
Education and training
Master's degree in finance (IT)
CERTIFICATIONS:
AWS Certified Cloud Practitioner
Post Graduate Diploma in Computer Application (PGDCA)
Certified Scrum Master (CSM)
Certified DevOps Master
Sun Certified Java Programmer and Web Component Developer
Results-driven Senior Software Engineer and Security Specialist with over 15 years of experience delivering enterprise-grade distributed systems across banking, legal tech, and utilities sectors. Proven hands-on expertise in DevSecOps practices, Secure-by-Design principles, and application security, including SAST (SonarQube), DAST (OWASP ZAP), CVE analysis, and security quality gate integration into CI/CD pipelines. Strong foundation in Java/Spring Security, OAuth2/OpenID Connect, GDPR compliance, and BSI IT Baseline Protection requirements. Experienced technical lead and mentor in translating abstract security and compliance specifications into concrete, development-ready tasks, acting as a trusted liaison between security working groups and engineering teams. Actively expanding expertise in cloud security, AIOps-driven observability, and AI-assisted threat detection, with a long-term career focus on Application, Cloud and Infrastructure Security Architecture.
SKILLS:
Cloud: AWS, Azure
IAM & Security: OAuth2, OpenID Connect, SAML, SCIM, Keycloak, Okta, Spring Security, Role-Based Access Control (RBAC), API Security, Token Management, Microsoft Entra ID, Microsoft AD
Backend: Java, Spring Boot, Spring Security (Keycloak), Spring Data JPA, Spring Cloud, Hibernate, Python
API and Integration: RESTful APIs, OpenAPI Specification, Azure API Management (APIM), Apache Kafka