Cloud & Platform Architect specializing in enterprise-scale AWS environments, multi-account governance, and cloud-native platform engineering.
Updated on 12.02.2026
Profile
Freelancer / Self-employed
Remote work
Available from: 16.02.2026
Availability: 100%
of which on-site: 10%
AWS
Terraform
Kubernetes
Amazon RDS
MySQL
PostgreSQL
Amazon EC2
IAM
SSO
GitLab
GitHub
IT-Governance
IT-Compliance
CI/CD
German
Native language
English
Business fluent

Work locations

Bonn (+50km)
Germany
possible

Projects

1 year 5 months
2024-08 - 2025-12

Architected and standardized a unified AWS network and security architecture

Senior AWS Cloud Engineer - Banking & Security
  • Architected and standardized a unified AWS network and security architecture across 45 AWS accounts, enabling consistent governance, connectivity, and compliance for enterprise customer environments.
  • Designed and operated a multi-cluster AWS EKS platform supporting production workloads, significantly improving scalability, availability, and operational reliability.
  • Implemented a GitOps delivery model using ArgoCD and Helm, enabling fully automated, auditable deployments and reducing manual release errors.
  • Automated infrastructure provisioning using Terraform and Terragrunt at scale, reducing environment setup time by up to 70% and eliminating configuration drift.
  • Established enterprise-grade backup and disaster recovery strategies with Velero and AWS Backup, ensuring reliable multi-cluster recovery and business continuity.
  • Introduced Rancher as a self-service Kubernetes platform, accelerating developer onboarding while maintaining centralized security and governance.
  • Designed and implemented fine-grained AWS IAM concepts (roles, policies, trust relationships) to enforce least-privilege access across accounts, workloads, and CI/CD pipelines.
  • Developed AWS Lambda-based pre-provisioning workflows for databases, automating initialization, configuration, and access setup to support secure and consistent application onboarding.
  • Delivered consistent, high-quality outcomes as part of a 5-person AWS Solutions Architecture team, resulting in three consecutive contract renewals.
Sopra Financial Technology GmbH
Nuremberg, Bavaria
1 year
2023-08 - 2024-07

Designed and delivered a cloud infrastructure serving enterprise customers

Lead Cloud Architect (AWS) - HR & Security
  • Designed and delivered a secure, highly available AWS-based cloud infrastructure serving enterprise customers with isolated, customer-specific environments.
  • Architected and standardized a centralized AWS networking and security foundation across 10+ AWS accounts, ensuring consistent governance, reliable connectivity, and compliance across enterprise customer environments.
  • Acted as technical coach and trainer, upskilling engineering teams on cloud architecture, security best practices, and operational excellence.
  • Partnered directly with executive management and the CTO to support enterprise customer engagements, clearly explaining and defending advanced security architectures and implementation decisions.
  • Defined and implemented enterprise-grade security controls, including SIEM, encryption, and access logging, meeting strict customer and compliance requirements.
  • Built and operated a containerized platform using AWS ECS with both EC2 and Fargate, balancing cost efficiency, scalability, and operational flexibility.
  • Led the migration from CloudFormation to Terraform with Terragrunt, significantly improving infrastructure scalability, reusability, and long-term maintainability.
  • Implemented blue-green deployment strategies via GitLab CI, enabling zero-downtime releases and safer production deployments.
  • Defined and enforced scalable AWS IAM patterns, integrating role-based access control and cross-account permissions to securely govern users, services, and automation.
  • Implemented serverless database pre-provisioning using AWS Lambda, enabling automated setup of schemas, users, and configuration parameters prior to application deployment.
  • Improved application scalability and availability through AWS Load Balancers, ensuring consistent performance under varying workloads.
  • Established comprehensive monitoring and observability with Datadog, enabling proactive incident detection and performance optimization.
  • Delivered a highly reliable and secure platform that became a core component of the company's digital and enterprise offerings.
  • Achieved four consecutive contract renewals, reflecting sustained delivery quality and strong stakeholder trust.
aconso AG
Bielefeld, NRW
10 months
2022-10 - 2023-07

end-to-end design and implementation

Lead Cloud Architect (AWS) - Healthcare & Security
  • Led the end-to-end design and implementation of a secure cloud infrastructure from scratch, supporting a healthcare platform processing highly sensitive medical data.
  • Architected and operated multiple AWS ECS and AWS EKS clusters hosting a large-scale microservices architecture, ensuring scalability, reliability, and operational consistency.
  • Designed and enforced a secure, segmented AWS network topology using networks, subnets, routing, and security controls to isolate environments, protect critical services, and meet regulatory requirements.
  • Implemented robust AWS IAM architectures with clear separation of duties, least-privilege access, and service-to-service authentication to securely operate workloads handling sensitive healthcare data.
  • Standardized Docker-based development and runtime environments, aligning local, staging, and production setups to reduce integration issues and deployment friction.
  • Delivered a high-performance frontend architecture using Amazon CloudFront and S3, optimizing global content delivery, scalability, and user experience.
  • Implemented blue-green deployment pipelines using GitHub Actions, integrating automated testing to enable zero-downtime releases and significantly improve application stability.
  • Designed and enforced advanced encryption strategies using AWS KMS, strengthening data protection beyond default cloud-managed encryption.
  • Established comprehensive monitoring and observability with Datadog, enabling proactive issue detection across the full application and infrastructure stack.
  • Built and managed highly available data layers using multiple AWS Aurora MySQL 8.0 clusters and AWS ElastiCache Redis clusters.
  • Planned and automated the entire infrastructure lifecycle using Terraform and Terragrunt, ensuring reproducibility, scalability, and compliance-ready environments.
  • Ensured continuous compliance with GDPR, BSI, PCI, and ISO 27001, embedding security and regulatory requirements directly into infrastructure and deployment processes.
  • Provided fully isolated development, staging, and local environments for engineers and product owners, accelerating development velocity and improving cross-team collaboration.
Cura4You GmbH
Wachtberg, NRW
1 year
2021-11 - 2022-10

Migration of an organically grown AWS environment

Lead Cloud Architect (AWS) - High Availability & Compliance
  • Led the migration of an organically grown AWS environment to a highly available, production-grade cloud architecture, significantly improving reliability, scalability, and operational resilience.
  • Took full ownership of stabilizing and modernizing AWS infrastructure in a high-growth startup (>40M€ funding) amid frequent team changes and limited prior infrastructure stewardship.
  • Designed and enforced scalable AWS IAM structures with clearly defined roles, policies, and trust relationships, enabling secure access management across teams, services, and CI/CD workflows.
  • Refactored and standardized the AWS VPC foundation (network design, subnet segmentation, routing, and security controls) to improve isolation, availability, and operational robustness across environments.
  • Implemented AWS Lambda-based automation for database provisioning and ETL pipelines, enabling serverless initialization, data transformation, and integration workflows to support reliable and scalable data processing.
  • Architected and operated high-availability data layers using multiple AWS RDS MySQL 8.0 clusters and AWS ElastiCache Redis clusters, improving performance and data consistency.
  • Designed and implemented blue-green deployment pipelines using GitHub Actions, enabling zero-downtime releases and safer production rollouts.
  • Built and supported local development environments and CI/CD pipelines, accelerating developer productivity and reducing deployment friction.
  • Played a key role in the company's ISO 27001 and SOC 2 certification initiatives, contributing to security controls, asset monitoring, and audit readiness.
  • Implemented continuous asset and compliance monitoring using Vanta, improving visibility into infrastructure security posture.
  • Delivered a scalable container platform using AWS ECS with EC2 and Fargate, balancing cost efficiency, scalability, and operational simplicity.
  • Improved application availability and traffic management through AWS Load Balancers, ensuring consistent performance under load.
  • Strengthened data protection and security controls using AWS KMS, aligning infrastructure with enterprise security and compliance requirements.
  • Earned four consecutive contract renewals, reflecting strong delivery impact and stakeholder trust.
PlanA.Earth GmbH
Berlin
1 year
2020-10 - 2021-09

full-scale migration

Lead Cloud Architect (AWS) - Migration & Platform Modernization
  • Led a full-scale migration from DigitalOcean to AWS, significantly improving scalability, reliability, and long-term robustness of the cloud infrastructure.
  • Designed and implemented a robust AWS VPC architecture (network layout, subnet segmentation, routing, and security controls), ensuring secure connectivity, high availability, and a strong foundation for the migrated platform.
  • Defined and enforced a structured AWS IAM model with role-based access, service identities, and cross-account trust to securely operate mission-critical back-office workloads.
  • Modernized the application platform by replacing an outdated Rancher setup, stabilizing and streamlining web, frontend, and backend service operations.
  • Designed and implemented golden AMIs, enabling ultra-fast, repeatable deployments and supporting highly agile release cycles.
  • Migrated multi-terabyte object storage from DigitalOcean's S3-compatible storage to AWS S3, improving durability, performance, and operational maturity.
  • Established secure remote access via VPN, enabling safe and controlled infrastructure access for distributed engineering teams.
  • Introduced advanced monitoring and alerting using AWS CloudWatch and New Relic, enabling proactive detection and faster incident response.
  • Designed and implemented blue-green deployment strategies, minimizing downtime and reducing risk during production releases.
  • Built CI/CD pipelines to support efficient development workflows, including automated pipelines for iOS and Android application builds.
  • Implemented comprehensive backup and recovery strategies, improving data protection and operational resilience.
  • Ensured a smooth operational handover to a dedicated Site Reliability Engineer, maintaining continuity and long-term platform stability.
  • Achieved four consecutive contract renewals, reflecting strong delivery impact and sustained stakeholder confidence.
Schüttflix GmbH
Gütersloh, NRW
1 year 2 months
2019-04 - 2020-05

Migration of a mission-critical back-office fulfillment system

Lead Cloud Architect (AWS) - Migration & Platform Modernization
  • Led the complete migration of a mission-critical back-office fulfillment system from on-premise to AWS, establishing a modern, scalable, and highly available cloud platform.
  • Designed and implemented a comprehensive AWS security and network architecture, ensuring secure connectivity, isolation, and compliance for production workloads.
  • Defined and enforced a structured AWS IAM model with role-based access, service identities, and cross-account trust for the secure operation of business-critical back-office workloads.
  • Developed AWS Lambda-driven automation to support database-related workflows and integration tasks, enabling event-driven processing and reducing manual operational overhead.
  • Migrated multi-tens of terabytes of MySQL data to AWS, executing a reliable, low-risk data transfer for business-critical systems.
  • Ported multi-tens of terabytes of NFS data to AWS EFS, enabling scalable, highly available shared storage in the cloud.
  • Automated provisioning and configuration of all servers using Terraform and Ansible, eliminating manual setup and improving infrastructure consistency.
  • Introduced CI/CD pipelines with Auto Scaling Groups, Load Balancers, and blue-green deployments, enabling zero-downtime releases and improved release safety.
  • Implemented centralized log management, significantly improving system observability and operational troubleshooting.
  • Designed and documented backup, maintenance, monitoring, and operations concepts, strengthening long-term reliability and operational readiness.
  • Trained development teams on DevOps practices, AWS, and Terraform, increasing internal cloud maturity and reducing operational dependencies.
  • Achieved four consecutive contract renewals, reflecting sustained delivery quality and strong stakeholder trust.
Silvertours GmbH
Cologne, NRW
1 year 8 months
2017-08 - 2019-03

Migration of legacy monolithic applications

Lead Cloud Architect (AWS) - Platform Transformation
  • Led the migration of legacy monolithic applications to AWS, using Terraform, Packer, Ansible, Consul, and Vault to establish a secure, automated, and reproducible infrastructure.
  • Migrated CI/CD workflows from Jenkins to CircleCI, significantly improving pipeline reliability, execution speed, and maintainability.
  • Orchestrated the company-wide migration from GitLab to GitHub, standardizing version control and improving collaboration and code review workflows.
  • Migrated all production databases to AWS-managed services, increasing availability, scalability, and operational stability.
  • Introduced ProxySQL for database load balancing and traffic management, improving performance and resilience of database workloads.
  • Automated provisioning, rolling deployments, and in-place upgrades of all servers using Ansible, enabling zero-downtime updates.
  • Established engineering and development standards across teams, improving code quality, consistency, and long-term maintainability.
  • Introduced modern development tooling and workflows, raising overall engineering productivity and delivery quality.
  • Designed and rolled out a company-wide testing strategy, significantly improving test coverage, release confidence, and defect detection.
  • Conducted technical workshops and training sessions on agile testing, clean code practices, and managing technical debt, strengthening engineering culture and sustainability.
TrustedShops GmbH
Cologne, NRW
5 years 5 months
2012-03 - 2017-07

Introduced and scaled Scrum and Kanban practices

Engineering Manager & Agile Transformation Lead
  • Introduced and scaled Scrum and Kanban practices across 6 development teams, enabling predictable delivery, transparency, and continuous improvement.
  • Set up, coached, and managed 15 developers in agile ways of working, significantly improving collaboration, ownership, and delivery velocity.
  • Designed and implemented CI/CD pipelines and automated test frameworks, increasing release frequency while reducing regression risk.
  • Led the migration from PHP 5.0 to PHP 7, improving application performance, security, and long-term maintainability.
  • Migrated caching infrastructure from Memcache to Redis, enhancing reliability, performance, and operational flexibility.
  • Executed a full codebase and database character set migration from Latin1 to UTF-8, ensuring correct internationalization and data consistency.
  • Introduced and standardized Atlassian Jira, Confluence, and Bamboo, improving project tracking, documentation, and CI/CD integration.
  • Established Continuous Integration and unit testing practices from the ground up, raising code quality and reducing production defects.
  • Led the architectural transition from a monolith to a microservices-based system, enabling independent deployments and improved scalability.
Chefkoch GmbH
Bonn, NRW
1 year
2011-03 - 2012-02

Supervised and coordinated 10+ developers while scaling platform systems

Lead Software Engineer - High-Scale Platforms
  • Supervised and coordinated 10+ developers while scaling platform systems to support 9.3 million registered users.
  • Led the scaling and optimization of core systems, ensuring stability and performance under rapidly growing user demand.
  • Drove the development of new features for both end users and internal employees, aligning technical delivery with business needs.
  • Designed and implemented an in-house advertising server handling 5+ billion ad impressions per month, delivering high throughput and reliability at massive scale.
  • Produced regular technical and performance reports for executive management, supporting data-driven decision-making.
  • Continued the development and optimization of the in-house PHP framework, improving maintainability, performance, and developer productivity.
werkenntwen GmbH
Cologne, NRW
3 years 1 month
2008-02 - 2011-02

Contributed to the build and operation

Software Engineer - High-Scale Platforms
  • Contributed to the build and operation of one of Germany's largest social networking platforms, supporting a highly scalable, high-traffic production environment.
  • Operated and scaled the platform to reliably handle up to 250,000 concurrent users.
  • Enabled the processing of 5+ billion page views per month, ensuring performance and stability at massive scale.
  • Drove the development and enhancement of core user-facing features, improving engagement and user experience.
  • Optimized the platform scaling architecture and overall system stability, reducing performance bottlenecks under peak load.
  • Expanded and improved monitoring and observability systems, enabling proactive detection and faster resolution of incidents.
  • Introduced Scrum and Kanban methodologies, professionalizing software development processes and improving delivery predictability and team efficiency.
werkenntwen GmbH
Cologne, NRW

Education and training

2004

Michel Development & Consulting GmbH & Co. KG, Apprenticeship

IT specialist for application development (IHK)


2000

BBS Bad Neuenahr-Ahrweiler, Secondary School

Certificate of Secondary Education (Department of Economics)


Certifications

  • AWS Certifications (planned for 2026)
  • Management 3.0 (2020)
  • Certified Scrum Master (CSM) (2016)

Competencies

Top-Skills

AWS, Terraform, Kubernetes, Amazon RDS, MySQL, PostgreSQL, Amazon EC2, IAM, SSO, GitLab, GitHub, IT-Governance, IT-Compliance, CI/CD

Products / Standards / Experience / Methods

Summary

Senior Cloud & Platform Engineer specializing in AWS-only infrastructure, Kubernetes, and Infrastructure as Code. Advises CTOs on cloud strategy and architecture, leads platform and DevOps teams, designs and automates scalable enterprise AWS environments.


Skills

Cloud & Platform Architecture:

  • Amazon Web Services (AWS)
  • AWS Organizations
  • AWS Control Tower
  • Landing Zone
  • AWS Well-Architected Framework
  • Multi-account architectures
  • Multi-region architectures
  • High Availability & Disaster Recovery Design
  • Security-by-Design
  • Compliance architectures


Network & Connectivity:

  • VPC
  • Transit Gateway
  • Direct Connect
  • VPN
  • Route 53
  • CloudFront
  • Load Balancer
  • WAF
  • ACM


Identity & Security:

  • IAM
  • SSO
  • KMS
  • Secrets Manager


Compute & Container Engines:

  • EC2
  • EKS (EC2 & Fargate)
  • ECS (EC2 & Fargate)
  • Lambda
  • ECR
  • Auto Scaling


Storage & Data Transfer:

  • S3
  • EFS
  • DataSync
  • DMS
  • Snowball


Observability & Operations:

  • CloudWatch
  • CloudTrail
  • SSM
  • Backup
  • Budgets


Application Integration & Messaging:

  • API Gateway
  • SNS
  • SES
  • MQ
  • Kafka


Migration & Analytics:

  • DMS
  • Textract


Infrastructure as Code & Provisioning:

  • Terraform
  • Terragrunt
  • OpenTofu
  • CloudFormation
  • Packer
  • Ansible
  • Immutable Server
  • Phoenix Server


Delivery & Deployment:

  • Nginx
  • Apache


Container & Orchestration:

  • Kubernetes
  • Helm
  • Docker
  • Harbor
  • Nexus
  • Velero
  • Rancher


CI/CD & Automation:

  • GitLab CI
  • GitHub Actions
  • ArgoCD


Observability, Monitoring & Operations:

  • Datadog
  • ELK Stack
  • OpenSearch
  • New Relic
  • CloudWatch
  • PagerDuty


Software Engineering Best Practices:

  • Continuous Integration
  • Continuous Delivery
  • Continuous Deployment
  • Blue-Green Deployment
  • Clean Code
  • Clean Architecture
  • SOLID
  • DRY
  • KISS
  • YAGNI
  • Domain-Driven Design
  • REST
  • Test-Driven Development
  • Static Code Analysis
  • Coding Standards
  • Design Patterns


Methodologies:

  • Scrum
  • Kanban
  • Pair Programming
  • Mob Programming


Leadership & People Management:

  • Strategic Leadership
  • Technical Leadership
  • Team Building
  • Organizational Development
  • Change Management
  • Mentoring
  • Coaching of Developers
  • Team Leads and Startups


Project & Collaboration Tools:

  • Jira
  • Confluence
  • Notion
  • Asana
  • Trello
  • HubSpot

Operating systems

Amazon Linux
Ubuntu
Debian
Alpine Linux

Programming languages

PHP
Bash
Python

Databases

RDS
Aurora, Serverless, MySQL, PostgreSQL, MariaDB
RDS Proxy
ElastiCache
Redis & Memcached
MemoryDB
ProxySQL

Einsatzorte

Einsatzorte

Bonn (+50km)
Deutschland
möglich

Projekte

Projekte

1 year 5 months
2024-08 - 2025-12

Architected and standardized a unified AWS network and security architecture

Senior AWS Cloud Engineer - Banking & Security
Senior AWS Cloud Engineer - Banking & Security
  • Architected and standardized a unified AWS network and security architecture across 45 AWS accounts, enabling consistent governance, connectivity, and compliance for enterprise customer environments.
  • Designed and operated a multi-cluster AWS EKS platform supporting production workloads, significantly improving scalability, availability, and operational reliability.
  • Implemented a GitOps delivery model using ArgoCD and Helm, enabling fully automated, auditable deployments and reducing manual release errors.
  • Automated infrastructure provisioning using Terraform and Terragrunt at scale, reducing environment setup time by up to 70% and eliminating configuration drift.
  • Established enterprise-grade backup and disaster recovery strategies with Velero and AWS Backup, ensuring reliable multi-cluster recovery and business continuity.
  • Introduced Rancher as a self-service Kubernetes platform, accelerating developer onboarding while maintaining centralized security and governance
  • Designed and implemented fine-grained AWS IAM concepts (roles, policies, trust relationships) to enforce least-privilege access across accounts, workloads, and CI/CD pipelines.
  • Developed AWS Lambda?based pre-provisioning workflows for databases, automating initialization, configuration, and access setup to support secure and consistent application onboarding.
  • Delivered consistent, high-quality outcomes as part of a 5-person AWS Solutions Architecture team, resulting in three consecutive contract renewals.
Sopra Financial Technology GmbH
Nuremberg, Bavaria
1 year
2023-08 - 2024-07

Designed and delivered a cloud infrastructure serving enterprise customers

Lead Cloud Architect (AWS) - HR & Security
Lead Cloud Architect (AWS) - HR & Security
  • Designed and delivered a secure, highly available AWS-based cloud infrastructure serving enterprise customers with isolated, customer-specific environments.
  • Architected and standardized a centralized AWS networking and security foundation across 10+ AWS accounts, ensuring consistent governance, reliable connectivity, and compliance across enterprise customer environments.
  • Acted as technical coach and trainer, upskilling engineering teams on cloud architecture, security best practices, and operational excellence.
  • Partnered directly with executive management and the CTO to support enterprise customer engagements, clearly explaining and defending advanced security architectures and implementation decisions.
  • Defined and implemented enterprise-grade security controls, including SIEM, encryption, and access logging, meeting strict customer and compliance requirements.
  • Built and operated a containerized platform using AWS ECS with both EC2 and Fargate, balancing cost efficiency, scalability, and operational flexibility.
  • Led the migration from CloudFormation to Terraform with Terragrunt, significantly improving infrastructure scalability, reusability, and long-term maintainability.
  • Implemented blue-green deployment strategies via GitLab CI, enabling zero-downtime releases and safer production deployments.
  • Defined and enforced scalable AWS IAM patterns, integrating role-based access control and cross-account permissions to securely govern users, services, and automation.
  • Implemented serverless database pre-provisioning using AWS Lambda, enabling automated setup of schemas, users, and configuration parameters prior to application deployment.
  • Improved application scalability and availability through AWS Load Balancers, ensuring consistent performance under varying workloads.
  • Established comprehensive monitoring and observability with Datadog, enabling proactive incident detection and performance optimization.
  • Delivered a highly reliable and secure platform that became a core component of the company?s digital and enterprise offerings.
  • Achieved four consecutive contract renewals, reflecting sustained delivery quality and strong stakeholder trust.
aconso AG
Bielefeld, NRW
10 months
2022-10 - 2023-07

end-to-end design and implementation

Lead Cloud Architect (AWS) - Healthcare & Security
Lead Cloud Architect (AWS) - Healthcare & Security
  • Led the end-to-end design and implementation of a secure cloud infrastructure from scratch, supporting a healthcare platform processing highly sensitive medical data.
  • Architected and operated multiple AWS ECS and AWS EKS clusters hosting a large-scale microservices architecture, ensuring scalability, reliability, and operational consistency.
  • Designed and enforced a secure, segmented AWS network topology using networks, subnets, routing, and security controls to isolate environments, protect critical services, and meet regulatory requirements.
  • Implemented robust AWS IAM architectures with clear separation of duties, least-privilege access, and service-to-service authentication to securely operate workloads handling sensitive healthcare data.
  • Standardized Docker-based development and runtime environments, aligning local, staging, and production setups to reduce integration issues and deployment friction.
  • Delivered a high-performance frontend architecture using Amazon CloudFront and S3, optimizing global content delivery, scalability, and user experience.
  • Implemented blue-green deployment pipelines using GitHub Actions, integrating automated testing to enable zero-downtime releases and significantly improve application stability.
  • Designed and enforced advanced encryption strategies using AWS KMS, strengthening data protection beyond default cloud-managed encryption.
  • Established comprehensive monitoring and observability with Datadog, enabling proactive issue detection across the full application and infrastructure stack.
  • Built and managed highly available data layers using multiple AWS Aurora MySQL 8.0 clusters and AWS ElastiCache Redis clusters.
  • Planned and automated the entire infrastructure lifecycle using Terraform and Terragrunt, ensuring reproducibility, scalability, and compliance-ready environments.
  • Ensured continuous compliance with GDPR, BSI, PCI, and ISO 27001, embedding security and regulatory requirements directly into infrastructure and deployment processes.
  • Provided fully isolated development, staging, and local environments for engineers and product owners, accelerating development velocity and improving cross-team collaboration.
Cura4You GmbH
Wachtberg, NRW
1 year
2021-11 - 2022-10

Migration of an organically grown AWS environment

Lead Cloud Architect (AWS) - High Availability & Compliance
Lead Cloud Architect (AWS) - High Availability & Compliance
  • Led the migration of an organically grown AWS environment to a highly available, production-grade cloud architecture, significantly improving reliability, scalability, and operational resilience
  • Took full ownership of stabilizing and modernizing AWS infrastructure in a high-growth startup (>40M? funding) amid frequent team changes and limited prior infrastructure stewardship.
  • Designed and enforced scalable AWS IAM structures with clearly defined roles, policies, and trust relationships, enabling secure access management across teams, services, and CI/CD workflows.
  • Refactored and standardized the AWS VPC foundation (network design, subnet segmentation, routing, and security controls) to improve isolation, availability, and operational robustness across environments.
  • Implemented AWS Lambda?based automation for database provisioning and ETL pipelines, enabling serverless initialization, data transformation, and integration workflows to support reliable and scalable data processing.
  • Architected and operated high-availability data layers using multiple AWS RDS MySQL 8.0 clusters and AWS ElastiCache Redis clusters, improving performance and data consistency.
  • Designed and implemented blue-green deployment pipelines using GitHub Actions, enabling zero-downtime releases and safer production rollouts.
  • Built and supported local development environments and CI/CD pipelines, accelerating developer productivity and reducing deployment friction.
  • Played a key role in the company?s ISO 27001 and SOC 2 certification initiatives, contributing to security controls, asset monitoring, and audit readiness.
  • Implemented continuous asset and compliance monitoring using Vanta, improving visibility into infrastructure security posture.
  • Delivered a scalable container platform using AWS ECS with EC2 and Fargate, balancing cost efficiency, scalability, and operational simplicity.
  • Improved application availability and traffic management through AWS Load Balancers, ensuring consistent performance under load.
  • Strengthened data protection and security controls using AWS KMS, aligning infrastructure with enterprise security and compliance requirements.
  • Earned four consecutive contract renewals, reflecting strong delivery impact and stakeholder trust.
PlanA.Earth GmbH
Berlin
1 year
2020-10 - 2021-09

full-scale migration

Lead Cloud Architect (AWS) - Migration & Platform Modernization
Lead Cloud Architect (AWS) - Migration & Platform Modernization
  • Led a full-scale migration from DigitalOcean to AWS, significantly improving scalability, reliability, and long-term robustness of the cloud infrastructure.
  • Designed and implemented a robust AWS VPC architecture (network layout, subnet segmentation, routing, and security controls), ensuring secure connectivity, high availability, and a strong foundation for the migrated platform.
  • Defined and enforced a structured AWS IAM model with role-based access, service identities, and cross-account trust to securely operate mission-critical back-office workloads.
  • Modernized the application platform by replacing an outdated Rancher setup, stabilizing and streamlining web, frontend, and backend service operations.
  • Designed and implemented golden AMIs, enabling ultra-fast, repeatable deployments and supporting highly agile release cycles.
  • Migrated multi-terabyte object storage from DigitalOcean's S3-compatible storage to AWS S3, improving durability, performance, and operational maturity.
  • Established secure remote access via VPN, enabling safe and controlled infrastructure access for distributed engineering teams.
  • Introduced advanced monitoring and alerting using AWS CloudWatch and New Relic, enabling proactive detection and faster incident response.
  • Designed and implemented blue-green deployment strategies, minimizing downtime and reducing risk during production releases.
  • Built CI/CD pipelines to support efficient development workflows, including automated pipelines for iOS and Android application builds.
  • Implemented comprehensive backup and recovery strategies, improving data protection and operational resilience.
  • Ensured a smooth operational handover to a dedicated Site Reliability Engineer, maintaining continuity and long-term platform stability.
  • Achieved four consecutive contract renewals, reflecting strong delivery impact and sustained stakeholder confidence.
Schüttflix GmbH
Gütersloh, NRW
1 year 2 months
2019-04 - 2020-05

Migration of a mission-critical back-office fulfillment system

Lead Cloud Architect (AWS) - Migration & Platform Modernization
  • Led the complete migration of a mission-critical back-office fulfillment system from on-premise to AWS, establishing a modern, scalable, and highly available cloud platform.
  • Designed and implemented a comprehensive AWS security and network architecture, ensuring secure connectivity, isolation, and compliance for production workloads.
  • Defined and enforced a structured AWS IAM model with role-based access, service identities, and cross-account trust for the secure operation of business-critical back-office workloads.
  • Developed AWS Lambda-driven automation to support database-related workflows and integration tasks, enabling event-driven processing and reducing manual operational overhead.
  • Migrated multi-tens of terabytes of MySQL data to AWS, executing a reliable, low-risk data transfer for business-critical systems.
  • Ported multi-tens of terabytes of NFS data to AWS EFS, enabling scalable, highly available shared storage in the cloud.
  • Automated provisioning and configuration of all servers using Terraform and Ansible, eliminating manual setup and improving infrastructure consistency.
  • Introduced CI/CD pipelines with Auto Scaling Groups, Load Balancers, and blue-green deployments, enabling zero-downtime releases and improved release safety.
  • Implemented centralized log management, significantly improving system observability and operational troubleshooting.
  • Designed and documented backup, maintenance, monitoring, and operations concepts, strengthening long-term reliability and operational readiness.
  • Trained development teams on DevOps practices, AWS, and Terraform, increasing internal cloud maturity and reducing operational dependencies.
  • Achieved four consecutive contract renewals, reflecting sustained delivery quality and strong stakeholder trust.
Silvertours GmbH
Cologne, NRW
1 year 8 months
2017-08 - 2019-03

Migration of legacy monolithic applications

Lead Cloud Architect (AWS) - Platform Transformation
  • Led the migration of legacy monolithic applications to AWS, using Terraform, Packer, Ansible, Consul, and Vault to establish a secure, automated, and reproducible infrastructure.
  • Migrated CI/CD workflows from Jenkins to CircleCI, significantly improving pipeline reliability, execution speed, and maintainability.
  • Orchestrated the company-wide migration from GitLab to GitHub, standardizing version control and improving collaboration and code review workflows.
  • Migrated all production databases to AWS-managed services, increasing availability, scalability, and operational stability.
  • Introduced ProxySQL for database load balancing and traffic management, improving performance and resilience of database workloads.
  • Automated provisioning, rolling deployments, and in-place upgrades of all servers using Ansible, enabling zero-downtime updates.
  • Established engineering and development standards across teams, improving code quality, consistency, and long-term maintainability.
  • Introduced modern development tooling and workflows, raising overall engineering productivity and delivery quality.
  • Designed and rolled out a company-wide testing strategy, significantly improving test coverage, release confidence, and defect detection.
  • Conducted technical workshops and training sessions on agile testing, clean code practices, and managing technical debt, strengthening engineering culture and sustainability.
TrustedShops GmbH
Cologne, NRW
5 years 5 months
2012-03 - 2017-07

Introduced and scaled Scrum and Kanban practices

Engineering Manager & Agile Transformation Lead
  • Introduced and scaled Scrum and Kanban practices across 6 development teams, enabling predictable delivery, transparency, and continuous improvement.
  • Set up, coached, and managed 15 developers in agile ways of working, significantly improving collaboration, ownership, and delivery velocity.
  • Designed and implemented CI/CD pipelines and automated test frameworks, increasing release frequency while reducing regression risk.
  • Led the migration from PHP 5.0 to PHP 7, improving application performance, security, and long-term maintainability.
  • Migrated caching infrastructure from Memcache to Redis, enhancing reliability, performance, and operational flexibility.
  • Executed a full codebase and database character set migration from Latin1 to UTF-8, ensuring correct internationalization and data consistency.
  • Introduced and standardized Atlassian Jira, Confluence, and Bamboo, improving project tracking, documentation, and CI/CD integration.
  • Established Continuous Integration and unit testing practices from the ground up, raising code quality and reducing production defects.
  • Led the architectural transition from a monolith to a microservices-based system, enabling independent deployments and improved scalability.
Chefkoch GmbH
Bonn, NRW
1 year
2011-03 - 2012-02

Supervised and coordinated 10+ developers while scaling platform systems

Lead Software Engineer - High-Scale Platforms
  • Supervised and coordinated 10+ developers while scaling platform systems to support 9.3 million registered users.
  • Led the scaling and optimization of core systems, ensuring stability and performance under rapidly growing user demand.
  • Drove the development of new features for both end users and internal employees, aligning technical delivery with business needs.
  • Designed and implemented an in-house advertising server handling 5+ billion ad impressions per month, delivering high throughput and reliability at massive scale.
  • Produced regular technical and performance reports for executive management, supporting data-driven decision-making.
  • Continued the development and optimization of the in-house PHP framework, improving maintainability, performance, and developer productivity.
werkenntwen GmbH
Cologne, NRW
3 years 1 month
2008-02 - 2011-02

Contributed to the build and operation

Software Engineer - High-Scale Platforms
  • Contributed to the build and operation of one of Germany's largest social networking platforms, supporting a highly scalable, high-traffic production environment.
  • Operated and scaled the platform to reliably handle up to 250,000 concurrent users.
  • Enabled the processing of 5+ billion page views per month, ensuring performance and stability at massive scale.
  • Drove the development and enhancement of core user-facing features, improving engagement and user experience.
  • Optimized the platform scaling architecture and overall system stability, reducing performance bottlenecks under peak load.
  • Expanded and improved monitoring and observability systems, enabling proactive detection and faster resolution of incidents.
  • Introduced Scrum and Kanban methodologies, professionalizing software development processes and improving delivery predictability and team efficiency.
werkenntwen GmbH
Cologne, NRW

Education and Training

2004

Michel Development & Consulting GmbH & Co. KG, Apprenticeship

IT specialist for application development (IHK)


2000

BBS Bad Neuenahr-Ahrweiler, Secondary School

Certificate of Secondary Education (Department of Economics)


Certifications

  • AWS Certifications (planned for 2026)
  • Management 3.0 (2020)
  • Certified Scrum Master (CSM) (2016)

Competencies

Top-Skills

AWS Terraform Kubernetes Amazon RDS MySQL PostgreSQL Amazon EC2 IAM SSO GitLab GitHub IT-Governance IT-Compliance CI/CD

Products / Standards / Experience / Methods

Summary

Senior Cloud & Platform Engineer specializing in AWS-only infrastructure, Kubernetes, and Infrastructure as Code. Advises CTOs on cloud strategy and architecture, leads platform and DevOps teams, designs and automates scalable enterprise AWS environments.


Skills

Cloud & Platform Architecture:

  • Amazon Web Services (AWS)
  • AWS Organizations
  • AWS Control Tower
  • Landing Zone
  • AWS Well-Architected Framework
  • Multi-Account Architectures
  • Multi-Region Architectures
  • High Availability & Disaster Recovery Design
  • Security-by-Design
  • Compliance Architectures


Network & Connectivity:

  • VPC
  • Transit Gateway
  • Direct Connect
  • VPN
  • Route 53
  • CloudFront
  • Load Balancer
  • WAF
  • ACM


Identity & Security:

  • IAM
  • SSO
  • KMS
  • Secrets Manager


Compute & Container Engines:

  • EC2
  • EKS (EC2 & Fargate)
  • ECS (EC2 & Fargate)
  • Lambda
  • ECR
  • Auto Scaling


Storage & Data Transfer:

  • S3
  • EFS
  • DataSync
  • DMS
  • Snowball


Observability & Operations:

  • CloudWatch
  • CloudTrail
  • SSM
  • Backup
  • Budgets


Application Integration & Messaging:

  • API Gateway
  • SNS
  • SES
  • MQ
  • Kafka


Migration & Analytics:

  • DMS
  • Textract


Infrastructure as Code & Provisioning:

  • Terraform
  • Terragrunt
  • OpenTofu
  • CloudFormation
  • Packer
  • Ansible
  • Immutable Server
  • Phoenix Server


Delivery & Deployment:

  • Nginx
  • Apache


Container & Orchestration:

  • Kubernetes
  • Helm
  • Docker
  • Harbor
  • Nexus
  • Velero
  • Rancher


CI/CD & Automation:

  • GitLab CI
  • GitHub Actions
  • ArgoCD


Observability, Monitoring & Operations:

  • Datadog
  • ELK Stack
  • OpenSearch
  • New Relic
  • CloudWatch
  • PagerDuty


Software Engineering Best Practices:

  • Continuous Integration
  • Continuous Delivery
  • Continuous Deployment
  • Blue-Green Deployment
  • Clean Code
  • Clean Architecture
  • SOLID
  • DRY
  • KISS
  • YAGNI
  • Domain-Driven Design
  • REST
  • Test-Driven Development
  • Static Code Analysis
  • Coding Standards
  • Design Patterns


Methodologies:

  • Scrum
  • Kanban
  • Pair Programming
  • Mob Programming


Leadership & People Management:

  • Strategic Leadership
  • Technical Leadership
  • Team Building
  • Organizational Development
  • Change Management
  • Mentoring
  • Coaching of Developers
  • Team Leads and Startups


Project & Collaboration Tools:

  • Jira
  • Confluence
  • Notion
  • Asana
  • Trello
  • HubSpot

Operating Systems

Amazon Linux
Ubuntu
Debian
Alpine Linux

Programming Languages

PHP
Bash
Python

Databases

RDS
Aurora, Serverless, MySQL, PostgreSQL, MariaDB
RDS Proxy
ElastiCache
Redis & Memcached
MemoryDB
ProxySQL
