Leading a multidisciplinary 7-person team to successfully manage major technology and security projects for,multiple customers.
Implementation of Microsoft 365 security (Defender 365, Intune, Azure Sentinel, Azure Entra ID, etc.).
Implementation of Cloudflare DNS, SSL, WAF, antibot, DDoS, Zero-Trust and security features.
Migration of legacy applications from six different data centers and implementation of necessary CI/CD pipelines for future application deployments.
Implementation of HashiCorp Vault for secrets management.
Implementation of cloud-native QA environment by deploying a QA environment consisting of Jenkins multi-slave platform, for testing of consumer TV applications.
Optimized the usage in a multi-account AWS environment, utilizing reserved / on-demand instances, and moving a portion of applications to containers / ECS.
Kubernetes implementation on AWS ? IOD by moving the applications hosted in Docker on EC2 to AWS EKS.
Kubernetes implementation on GCP by migrating KOPS K8s clusters from AWS to GKE clusters on GCP, with infra as a code in Terraform.
Setting up AWS infrastructure from the ground up AWS multi-account deployment with AWS S3, AWS CloudFront, AWS ECS, AWS RDS, AWS ElastiCache, and other AWS services.
Migration from a single AWS account to multiple AWS accounts by breaking the master account into several separate AWS accounts hosting a single environment.
Migration from a single GCP project to multiple GCP projects by GCP multi-project deployment with GCP GKE (Kubernetes), GCP CloudSQL, GCP Cloud Storage, and Firebase.
Implementation of IDS / IPS, network threat monitoring, observability, and monitoring tools from various vendors.
Setting up AWS infrastructure from the ground up by using Terraform (AWS Lambda, AWS API Gateway, AWS DynamoDB, AWS S3, AWS CloudFront, etc.).
Migration from manually provisioned infrastructure to Terraform translated all the manually created AWS resources to Terraform by using self-created modules.
Implementation of open-source monitoring with Prometheus, Grafana, Thanos, and Loki deployed and aggregated all the monitoring needs of AWS and GCP environments
PERUN IT SECURITY GMBH
1 year 3 months
2023-01 - 2024-03
InfoSec Risk mitigation programe
Cyber Security Program Lead
Cyber Security Program Lead
Leading post-mortem security mitigation efforts with a team of 12 security engineering after a ransomware incident with a big German Fintech company. The goal of the program was to radically re-architect the existing systems, migrate to cutting edge technology and create an operational security assurance process.
We organized the project in 8 pillars to address all security mitigation measures resulted from a security risk assessment performed jointly with the senior management of the company. The pillars included:
Security Strategy & Architecture (Zero Trust)
IAM and PAM
Network Security
Infrastructure hardening
Vulnerability management
Security assurance and Governance
SOC and Monitoring
Backup and Recovery
After the successful deployment of the technology stack, a set of baselines and processes were created to enable the customer regular insight into the risk exposure of their systems, making sure that we leave them with all tools and processes needed to effectively manage their technology stack
Planning and deployment of new Microsoft enterprise technologies
Technical Lead, Infrastructure
Technical Lead, Infrastructure
Planning and deployment of new Microsoft enterprise technologies and DR cloud infrastructure on AWS, managing system uptime of the entire trading platform by 360T supported by cloud and on-premises deployment, and introducing DevOps methodologies and automation
Upgrade of crucial Microsoft internal infrastructure - AD upgrade from Windows Server 2008R2 to 2012R2, Exchange from 2010 to 2013, client upgrade to Windows 8.1 Enterprise
Implementation of terminal services ? Deployment of RDS 2012 R2 with high availability and load balancing
Migration of e-mail services to the cloud ? Deployment of hybrid Office 365 / Exchange 2012 solution for a mixture of on-premises and cloud e-mail services for more than 1000 mailboxes
Upgrades of Atlassian products (Jira, Confluence, Bamboo)
Replacement of Linux KVM virtualization with VMware vSphere 6 products (currently only for infrastructure and test/dev environments)
Migration of several in-house production applications to AWS cloud ? utilizing AWS EC2, AWS S3, AWS IAM, and other AWS services
DevOps tooling and automation implementation ? automation of entire Linux environment with SaltStack and Ansible, introduced Rundeck for job automation, developed several dozens of reporting scripts with PowerShell and Bash for various business stakeholders.
MAJOR GERMAN FINANCIAL INSTITUTION
3 years 1 month
2012-09 - 2015-09
planning and deployment of new systems, storage, networks, and cloud technologies
IT Administrator
IT Administrator
Leading a team of 3 IT engineers, planning and deployment of new systems, storage, networks, and cloud technologies, overseeing company growth related to IT technologies and standards Development of company IT Security principles, policies, and procedures.
Datacenter consolidation ? planning, design and deployment of two new colocations (one physical, one on AWS) for online voting applications leased to customers.
Corporate messaging and collaboration ? standardized company e-mail messaging and collaboration based on Exchange 2013, Lync 2013, and SharePoint 2013, upgrade from previous versions and deployment of new products.
Deployment infrastructure - implementation of Microsoft SCCM 2012 R2 for internal and production deployment and configuration management of Microsoft products company wide. Also used for development / QA environment based on .NET projects as well as Linux / Mac workstations.
Application consolidation ? consolidated all source control repositories and project tracking in Atlassian products such as Jira, Confluence and Stash (deployment of all services in VMware/Red Hat cluster environment).
Corporate back-office infrastructure redesign ? planning and projecting implementation of EMC SAN storage in all three main offices, Belgrade, Toronto and Denver. Global network upgrade with failover Cisco ASA 5512-X devices, incorporating new core L3 switches and conversion from class C to class A IP addressing
Implementation of multi-site VMware vSphere 5.5 clusters.
Deployment of VMware Zimbra e-mail server for DVSC internet voting projects ? high volume clustered solution, in peak times more than 250 000 e-mails sent during working hours per day
USA GOVERNMENT INSTITUTION
Aus- und Weiterbildung
Aus- und Weiterbildung
Bachelor of Science degree, graduated at the Faculty of Computer Science in November 2008, majoring in computer networks and telecommunication
MBA degree, graduated at Cotrugli Business School (www.cotrugli.eu) in November 2014
Cotrugli MBA scholarship winner for 2013/2014 school year
Active Amazon Web Services Certified Solution Architect Professional and Amazon Web Services Certified Solution Architect Associate certifications (valid until November 2024)
Active Google Cloud Platform Associate Cloud Engineer certification (valid until September 2024)
MCITP: Enterprise Administrator 2008 R2 and Microsoft Certified Systems Engineer 2003
Amazon Web Services Certified SysOps Associate certification (expired)
Amazon Web Services Certified Developer Associate certificate (expired)
Red Hat Certified System Administrator on RHEL 6 (expired)
VMware Certified Professional for vSphere 4, 5.1 and 5.5 (expired)
Cisco Certified Network Associate and Security certifications (expired)
Einsatzorte
Einsatzorte
Frankfurt am Main (+200km)
Deutschland, Schweiz, Österreich
möglich
Projekte
Projekte
6 years 7 months
2018-02 - now
manage major technology and security projects
Leading a multidisciplinary 7-person team to successfully manage major technology and security projects for,multiple customers.
Implementation of Microsoft 365 security (Defender 365, Intune, Azure Sentinel, Azure Entra ID, etc.).
Implementation of Cloudflare DNS, SSL, WAF, antibot, DDoS, Zero-Trust and security features.
Migration of legacy applications from six different data centers and implementation of necessary CI/CD pipelines for future application deployments.
Implementation of HashiCorp Vault for secrets management.
Implementation of cloud-native QA environment by deploying a QA environment consisting of Jenkins multi-slave platform, for testing of consumer TV applications.
Optimized the usage in a multi-account AWS environment, utilizing reserved / on-demand instances, and moving a portion of applications to containers / ECS.
Kubernetes implementation on AWS ? IOD by moving the applications hosted in Docker on EC2 to AWS EKS.
Kubernetes implementation on GCP by migrating KOPS K8s clusters from AWS to GKE clusters on GCP, with infra as a code in Terraform.
Setting up AWS infrastructure from the ground up AWS multi-account deployment with AWS S3, AWS CloudFront, AWS ECS, AWS RDS, AWS ElastiCache, and other AWS services.
Migration from a single AWS account to multiple AWS accounts by breaking the master account into several separate AWS accounts hosting a single environment.
Migration from a single GCP project to multiple GCP projects by GCP multi-project deployment with GCP GKE (Kubernetes), GCP CloudSQL, GCP Cloud Storage, and Firebase.
Implementation of IDS / IPS, network threat monitoring, observability, and monitoring tools from various vendors.
Setting up AWS infrastructure from the ground up by using Terraform (AWS Lambda, AWS API Gateway, AWS DynamoDB, AWS S3, AWS CloudFront, etc.).
Migration from manually provisioned infrastructure to Terraform translated all the manually created AWS resources to Terraform by using self-created modules.
Implementation of open-source monitoring with Prometheus, Grafana, Thanos, and Loki deployed and aggregated all the monitoring needs of AWS and GCP environments
PERUN IT SECURITY GMBH
1 year 3 months
2023-01 - 2024-03
InfoSec Risk mitigation programe
Cyber Security Program Lead
Cyber Security Program Lead
Leading post-mortem security mitigation efforts with a team of 12 security engineering after a ransomware incident with a big German Fintech company. The goal of the program was to radically re-architect the existing systems, migrate to cutting edge technology and create an operational security assurance process.
We organized the project in 8 pillars to address all security mitigation measures resulted from a security risk assessment performed jointly with the senior management of the company. The pillars included:
Security Strategy & Architecture (Zero Trust)
IAM and PAM
Network Security
Infrastructure hardening
Vulnerability management
Security assurance and Governance
SOC and Monitoring
Backup and Recovery
After the successful deployment of the technology stack, a set of baselines and processes were created to enable the customer regular insight into the risk exposure of their systems, making sure that we leave them with all tools and processes needed to effectively manage their technology stack
Planning and deployment of new Microsoft enterprise technologies
Technical Lead, Infrastructure
Technical Lead, Infrastructure
Planning and deployment of new Microsoft enterprise technologies and DR cloud infrastructure on AWS, managing system uptime of the entire trading platform by 360T supported by cloud and on-premises deployment, and introducing DevOps methodologies and automation
Upgrade of crucial Microsoft internal infrastructure - AD upgrade from Windows Server 2008R2 to 2012R2, Exchange from 2010 to 2013, client upgrade to Windows 8.1 Enterprise
Implementation of terminal services ? Deployment of RDS 2012 R2 with high availability and load balancing
Migration of e-mail services to the cloud ? Deployment of hybrid Office 365 / Exchange 2012 solution for a mixture of on-premises and cloud e-mail services for more than 1000 mailboxes
Upgrades of Atlassian products (Jira, Confluence, Bamboo)
Replacement of Linux KVM virtualization with VMware vSphere 6 products (currently only for infrastructure and test/dev environments)
Migration of several in-house production applications to AWS cloud ? utilizing AWS EC2, AWS S3, AWS IAM, and other AWS services
DevOps tooling and automation implementation ? automation of entire Linux environment with SaltStack and Ansible, introduced Rundeck for job automation, developed several dozens of reporting scripts with PowerShell and Bash for various business stakeholders.
MAJOR GERMAN FINANCIAL INSTITUTION
3 years 1 month
2012-09 - 2015-09
planning and deployment of new systems, storage, networks, and cloud technologies
IT Administrator
IT Administrator
Leading a team of 3 IT engineers, planning and deployment of new systems, storage, networks, and cloud technologies, overseeing company growth related to IT technologies and standards Development of company IT Security principles, policies, and procedures.
Datacenter consolidation ? planning, design and deployment of two new colocations (one physical, one on AWS) for online voting applications leased to customers.
Corporate messaging and collaboration ? standardized company e-mail messaging and collaboration based on Exchange 2013, Lync 2013, and SharePoint 2013, upgrade from previous versions and deployment of new products.
Deployment infrastructure - implementation of Microsoft SCCM 2012 R2 for internal and production deployment and configuration management of Microsoft products company wide. Also used for development / QA environment based on .NET projects as well as Linux / Mac workstations.
Application consolidation ? consolidated all source control repositories and project tracking in Atlassian products such as Jira, Confluence and Stash (deployment of all services in VMware/Red Hat cluster environment).
Corporate back-office infrastructure redesign ? planning and projecting implementation of EMC SAN storage in all three main offices, Belgrade, Toronto and Denver. Global network upgrade with failover Cisco ASA 5512-X devices, incorporating new core L3 switches and conversion from class C to class A IP addressing
Implementation of multi-site VMware vSphere 5.5 clusters.
Deployment of VMware Zimbra e-mail server for DVSC internet voting projects ? high volume clustered solution, in peak times more than 250 000 e-mails sent during working hours per day
USA GOVERNMENT INSTITUTION
Aus- und Weiterbildung
Aus- und Weiterbildung
Bachelor of Science degree, graduated at the Faculty of Computer Science in November 2008, majoring in computer networks and telecommunication
MBA degree, graduated at Cotrugli Business School (www.cotrugli.eu) in November 2014
Cotrugli MBA scholarship winner for 2013/2014 school year
Active Amazon Web Services Certified Solution Architect Professional and Amazon Web Services Certified Solution Architect Associate certifications (valid until November 2024)
Active Google Cloud Platform Associate Cloud Engineer certification (valid until September 2024)
MCITP: Enterprise Administrator 2008 R2 and Microsoft Certified Systems Engineer 2003
Amazon Web Services Certified SysOps Associate certification (expired)
Amazon Web Services Certified Developer Associate certificate (expired)
Red Hat Certified System Administrator on RHEL 6 (expired)
VMware Certified Professional for vSphere 4, 5.1 and 5.5 (expired)
Cisco Certified Network Associate and Security certifications (expired)
Vertrauen Sie auf Randstad
Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung