The thread running through my career isn't a plan. It's closer to: I noticed something that needed doing, nobody had claimed ownership of it, and I did it. This is not a particularly efficient way to build a linear CV, and my CV reflects that honestly. But it turns out to be a very good way to learn how things actually work — as opposed to how they're supposed to work — and to end up with a range of experience that's genuinely hard to get any other way.
Belgrade → Galway → Germany
I started in QA at Microsoft's Development Center in Belgrade — testing OCR for Bing Vision. Less glamorous than it sounds, which is saying something. Then NCR: support for Blackberry devices and predictive analytics for ATMs, point-of-sale systems, and whatever else NCR makes that eventually breaks. The work was operational and occasionally tedious, but it built something useful: an intuition for how embedded, semi-autonomous systems fail in ways their designers didn't anticipate.
Then I moved to Galway, Ireland. MicroFocus had an IAM product that needed technical support and integration engineering — the kind of role where "integration" means sitting between a customer's enterprise system and a product mostly designed with a different enterprise system in mind, and making them agree. SAML in practice is a negotiation, not a standard. That's where I learned that authentication is never just authentication, and that the gap between "compatible" and "actually works" is where most of the work lives.
Fintech Scale
From Galway to Germany. Wirecard AG needed someone for enterprise merchant integrations — navigating a world where a misconfigured API mapping could block millions in transactions, fraud detection SQL ran against hundreds of millions of rows, and compliance requirements existed in constant tension with delivery speed. I owned those projects end-to-end — scoping through implementation through post-launch support — and built a fluency in payment rails that I genuinely hope to never need again.
I left Wirecard in early 2017, well before it collapsed spectacularly in 2020 in what turned out to be one of Europe's largest accounting frauds. The timing was not prescience — I just had a better offer. PPRO Group: global payment infrastructure on AWS ECS, a growing team, and for the first time, actual team lead responsibilities. I was Technical Operations Manager there through significant growth — the kind where the architecture you inherited at the start of the year is no longer adequate by the end of it, and the team doubles, and the decisions compound. I stayed until October 2020.
October 2020 is when COVID lockdowns and personal life intersected in a way that reorganised things. I was in Belgrade. Travel stopped. I met my now-wife. I stayed. After PPRO came a stint at Tamedia / TX Services (now TX Group) — migrating paywall infrastructure for a major Swiss media company and managing an ELK stack for editorial analytics. Operationally different enough from fintech that it felt like learning the job from scratch. The stakeholders have very different ideas about what "urgent" means in media versus payments. We had a baby. We moved to Karlsruhe.
Infrastructure at IONOS Cloud
Since November 2022, I've been a Senior Technical Operations Engineer at IONOS Cloud, responsible for three core cloud products: Cloud DNS, CDN, and Domains. These aren't small products — a number that stops being abstract the first time you push a bad config change to a DNS resolver.
The role covers more ground than most "ops" titles suggest. On any given week that might mean reviewing a Helm chart for a DNS resolver update, running a ChaosMesh experiment to validate failover behaviour, driving a BSI C5 evidence audit, or facilitating an incident debrief where the postmortem needs to produce a structural fix rather than a blame allocation. It's a role that spans product delivery, project coordination, compliance, and people — without being neatly constrained by any single discipline, which is either its main feature or its main liability depending on your perspective.
BSI C5 Compliance
BSI C5 is Germany's Cloud Computing Compliance Criteria Catalogue. On paper, it's a compliance checklist. In practice, owning C5 evidence for live cloud products is an operational discipline that surfaces architectural questions nobody thought to ask before the mapping exercise started.
When you work through the criteria and try to produce evidence that "all privileged access is logged and reviewed," you discover quickly which systems have gaps in their audit logging — not because anyone was careless, but because auditable logging was never a requirement before. C5 has directly influenced infrastructure decisions at IONOS: RBAC cleanup, secret rotation procedures, change management documentation for Helm deployments. I'd prefer the forcing function was something other than "auditors are coming," but the outcomes have been good.
Chaos Engineering
In 2023, I designed a chaos engineering programme using ChaosMesh across 100+ Kubernetes workloads. The pitch was "deliberate fault injection." The actual experience was finding out, one experiment at a time, which of our assumptions about system behaviour were correct and which were optimistic.
Several services retried upstream failures correctly — until sustained network partition conditions exhausted connection pools. A number of PodDisruptionBudgets were configured but didn't match actual availability requirements. Health check settings that looked fine under normal load caused restart loops under CPU stress. None of these were obvious from code review. The 99.99% HA target is now backed by empirical failure data rather than architectural intent. The empirical data took some uncomfortable conversations to collect.
Observability Stack
The observability stack — VictoriaMetrics for metrics, Loki for logs, Grafana for dashboards — wasn't inherited; it was built. Building one teaches you things that using one doesn't: cardinality limits bite unexpectedly, alerting signal-to-noise is almost always worse than you initially think, and dashboards that display data are not the same thing as dashboards that tell a story during an incident. The goal was the latter.
CKA Certification
Passed the Certified Kubernetes Administrator (CKA) exam in April 2024. It's a practical, timed exam that tests whether you can actually operate a Kubernetes cluster under pressure, which is a reasonable proxy for the job. The certificate lives in a drawer. The knowledge gets used more regularly.
What's Next
I'm open to senior roles in Technical Operations, Platform Engineering, and Technical Product or Delivery — particularly at places where infrastructure is a competitive advantage and where "ops" isn't a team that gets called after the engineers have already decided what to build.
If that sounds like where you work, reach out.
Outside of work
We live in Karlsruhe with a toddler and a Samoyed. The Samoyed is very fluffy and has strong opinions about the acceptable length of a walk. I run, cycle, and follow football with the kind of consistency that doesn't quite justify calling it a hobby but is too regular to call casual. BBQ and pizza are non-negotiable. On beer: Augustiner and Chiemseer, in that order — and I recognise this is a position, not a preference.