Projekte

Over the past few years, I’ve had the opportunity to work on various projects as a Cloud Engineer in real-world production environments. This has allowed me to put my knowledge into practice — and more importantly, to keep learning and growing along the way.

I’ve also earned certifications related to cloud-native technologies.

Without going into technical details, here are a few of the projects I’ve been involved in:

Microservices Monitoring

Monitoring microservices is essential to ensure the performance, availability, and reliability of distributed applications. Since microservices operate as independent components that interact via networks and APIs, monitoring them requires a more sophisticated approach than traditional monolithic applications.

Effective monitoring typically involves observability solutions that combine logging, metrics, and distributed tracing to provide a complete view of the system. Tools like Prometheus, Grafana, and the Elastic Stack are widely used for this purpose. Additionally, automated alerting and visual dashboards help teams respond quickly to incidents.

My particular interest in this area goes beyond simply providing a monitoring stack for deployed services. I also focus on optimizing the monitoring infrastructure in two key areas:

1. Scalability in high-complexity environments.
   As infrastructure grows in size, new and unforeseen challenges often arise, requiring fresh solutions. For example:
   High cardinality – why it matters
2. Proper integration of monitoring within teams,
   to avoid noise, false positives, or alert fatigue. Clear and meaningful alerts are far more valuable than sheer volume:
   Cloudflare on alerts and observability

To get started, I recommend this reading — it’s easy to see yourself in many of the described situations and reflect on which approaches best suit your own context:

Google SRE - Site reliability engineering book Google index

Go through the complete table of contents of sre Google book, outlined are the key topics and insights covered in this essential resource for SRE professionals.

Google

Scalable Mailing Services

Also related to microservices, I have been involved in designing and developing a scalable microservices architecture aimed at providing comprehensive email services, both for sending and receiving. This infrastructure was designed to operate in a distributed manner, with the ability to scale horizontally according to load, and with independent components managing key aspects such as mail routing, processing queues, and interaction with external systems.

Additionally, essential authenticity and security mechanisms were implemented to ensure the integrity and reliability of the system. This includes proper validation and signing of messages with DKIM, enforcement of SPF and DMARC policies, encryption of communications via TLS, as well as authentication and access control policies. The result is a robust, resilient platform prepared for high-demand environments with continuous monitoring.

My interest here lies in understanding how this set of technologies works and also in appreciating the importance of data privacy and security in cloud environments. On this note, for anyone looking for a managed mailing service with robust standards but without sufficient infrastructure, the people at Proton Mail do an excellent job — and honestly, their products never cease to impress me. I recommend checking out their managed mail service:
https://proton.me/en/mail

PKI Infrastructure

I have also worked with public key infrastructure (PKI) in isolated environments with stringent security requirements, where each component must comply with strict regulations such as eIDAS and other European standards. This experience ranges from managing physical devices for the secure storage of private keys, such as HSMs (Hardware Security Modules), to detailed configuration of tools like OpenSSL and PKCS#11 for integration and operation.

Beyond operational tasks, I have solid knowledge of the cryptographic fundamentals underpinning these infrastructures: hash algorithms, asymmetric encryption, certificate management, and digital signature validation. I have participated in secure key generation, designing trust hierarchies, and implementing physical and logical access control procedures. Although this field demands a rigorous and specialized approach, it is an exciting technical challenge that adds enormous value in sectors where trust, integrity, and traceability are critical.

Here are two fun and educational recommendations for getting started in this area:
https://cryptopals.com/
https://cryptohack.org/

Throughout my career, I have developed a strong inclination toward using Open Source technologies, both for their transparency and the flexibility they offer when building robust solutions tailored to each context. I especially value being able to audit the inner workings of the tools I use, contribute to their improvement when possible, and avoid reliance on closed or proprietary solutions that limit technical autonomy. Whenever the project allows, I opt for well-maintained open source stacks, which also foster active communities for sharing knowledge and continuous learning.