I'm on a mission to build an empowering developer experience, so engineers can focus on shipping and operating great products; faster, more reliable, efficient, and secure.

*a greeting from North Germany

MZ

My Approach

My principles are simple: remove every obstacle between engineers and shipping great products. I build high-trust, autonomous teams and invest in the platforms, tooling, and culture that make this possible.

I engineer the complete system by applying three principles: , , and .

With a background spanning DevOps, security architecture, and cloud platform strategy, I connect technical solutions to business outcomes. I specialize in creating tangible results through FinOps, modern and AI-native platform engineering, and organizational design using frameworks like Team Topologies.

What I Do

Everything I do goes into one direction: an enabled and empowered developer experience from product ideation to its retirement.

Results

Real challenges with measurable outcomes.

FinOpsAWSStrategyLeadership

Cloud spend had doubled to an annual spend of $3.5M+ with no corresponding footprint increase resulting in lacking visibility and accountability. Reduce the bill by $50k/month, implemented several cost-saving measures like cost-saving plans, rightsizing instances, reduced waste, architectural changes, and most importantly transform the engineering culture to also own the costs. Hired a senior engineer and empowered him to lead the initiative. I established proactive reviews and built a strong partnership with Finance to create shared accountability.

Exceeded goal, delivering over $1M in annualized savings and dramatically improving forecast accuracy from over 30% deviation (forecast vs actuals) to under 4%.

$1M+

Annualized Savings

$84,000+

Monthly Reduction

30% → <4%

Forecast Deviation

Career

A decade of engineering leadership, cloud architecture, and security.

Engineering Manager for Cloud Platforms - Cloud Platform

Awin Global · Aug 2024 - Present

Leading a cross-cultural Cloud Platform and DevOps organization across UK, Germany, Romania, and Spain. Responsible for cloud platform strategy, cloud landingzone infrastructure, CI/CD, observability, SRE, and FinOps. I am on a mission to build a resilient, cost-effective platform that accelerates the entire engineering organization.

  • Rebuilt the team from 6 to 12 engineers in 10 months after a restructure, filling skill gaps with a deliberate 1/5/6 junior-mid-senior mix while maintaining delivery and operational stability throughout.
  • Established the FinOps function from scratch, achieving $84,000+ in monthly recurring savings within 6 months and reducing budget forecast variance from 20% to 3% through a structured cost planning process.
  • Led the CI/CD platform modernisation and replacing Jenkins, Harbor, and Nexus with GitHub Actions and cloud-native tooling which cut new project initialization time by 16 hours and eliminating 10 weekly support tickets.
  • Secured $150,000 in AWS MAP funding for a full datacenter-to-cloud migration by connecting the right stakeholders and reworking the vendor ARR model, which resulted in a signed contract within 7 months.
  • Wrote and implemented the "You Build It, You Run It" operating model and a company-wide SRE strategy, clarifying ownership across all team types and standardizing incident management ahead of a security audit.
  • Drove the observability strategy, standardizing on OTEL and Vector to reduce complexity and cost across 15+ engineering teams.
  • Raised the Peakon engagement score from 7.2 to 8.3 and the DX score from 62 to 73 within one year.

Cloud DevOps Manager

Jan 2024 - Aug 2024

Restructured the team and its operating model to remove systemic bottlenecks and clarify ownership using Team Topologies.

  • Analyzed operational bottlenecks, defined a new department charter, and led a re-organization into distinct DevOps, Cloud Platform, and IT Ops teams within 7 months.
  • Coached 3 senior DevOps engineers across Germany and Italy to successfully conclude the AWS landing zone for organizational adoption.
  • Replaced Docker Desktop with open-source tooling, improving developer experience and achieving $18,000 in annual savings.
Engineering ManagementAWSFinOpsSRE StrategyCI/CDPlatform EngineeringCloud MigrationTeam Topologies

Security Architect & Security Officer

AVIV Group · Feb 2022 - Jan 2024

Recruited to establish and lead the security function for a newly merged group. I designed the cloud security architecture from the ground up and pioneered the group-wide Secure Product Lifecycle (SPLC).

Security Architect

Jul 2022 - Jan 2024

Built and scaled a self-service Secure Product Lifecycle (SPLC) for AVIV's cloud-native products.

  • Launched the SPLC and matured it into a self-service program (dynamic questionnaire and standardized risk reports) covering 50+ assessments in 9 months, uncovering 80+ unique risks.
  • Reduced recurring findings by prioritizing platform-level fixes with preventative SCPs, automated responses, and notifications.
  • Established KPIs (cycle time, completion rates, developer satisfaction) and used them to drive iterative improvements and leadership reporting.
  • Raised security awareness across Product & Tech through presentations, architecture guidelines, and a newsletter embedded in team rituals.

Security Officer

Feb 2022 - Jun 2022

Delivered merger integration and AWS security foundations that improved control coverage and audit readiness.

  • Ran the security integration stream for the German businesses, aligned controls to CIS and group standards, and facilitated internal audits.
  • Developed the security stream for the AWS landing zone covering IAM Identity Center, Transit Gateway hub-and-spoke network, and centralized security logging.
  • Fortified the AWS security posture via SCPs, Prowler, and AWS Security Hub.
Cloud Security ArchitectureSPLC DesignAWS Security HubThreat ModelingNIST/ISO

Cyber Security Specialist & DevOps Engineer

immowelt · Aug 2015 - Jun 2022

Cyber Security Specialist

Oct 2021 - Jun 2022

Established the company's first cybersecurity function from the ground up, integrating "Security and Privacy by Design" principles into the development lifecycle.

  • Improved cloud security posture by developing custom scripts and leveraging Prowler for automated scanning across 100+ AWS accounts.
  • Established a NIST-based maturity model for continuous improvement and an ISO-aligned incident response process.
  • Drove security culture by designing and leading a company-wide Capture-The-Flag (CTF) competition for all engineering teams.

DevOps Engineer

Aug 2015 - Sep 2021

Pioneered a modern DevOps culture and rebuilt the main product with an AWS-native architecture.

  • Modernized legacy config management by replacing Puppet with modular Ansible and introducing a Docker platform based on DC/OS Mesosphere.
  • Managed and automated 3 datacenters with 50+ Linux and Windows physical servers (KVM, OpenNebula, Hyper-V).
  • Engineered GitLab CI/CD with Terraform (later CDKTF), including ephemeral stacks to accelerate testing and releases.
  • Shipped the AWS-native MVP in 8 months and completed the feature set 9 months later.
Terraform/CDKTFKubernetesDockerGitLab CI/CDAnsiblePython

IT Support & Systems Technician

Goodgame Studios / tectumHOME · Sep 2011 - Jul 2015

Provided 2nd and 3rd level IT support for 800+ users in a fast-growing gaming company while managing Windows Server infrastructure and completing an apprenticeship in IT Systems Electronics.

  • Managed Windows Server environments, Active Directory, and Google Workspace administration.
  • Automated routine tasks using PowerShell and AutoIT scripts to improve operational efficiency.
  • Planned and executed smart home projects including Crestron control unit programming.
Windows ServerActive DirectoryPowerShellNetworkingCrestron

Core Competencies

Leadership & Strategy

People-Centric LeadershipEngineering ManagementSystemic ThinkingTeam Building & CoachingOrganizational DesignStakeholder Management

Platform Engineering

Developer Experience (DevEx)Cloud Cost Management (FinOps)Service Reliability (SRE)Observability (Datadog, OTEL, Vector)Internal Developer PlatformsTeam Topologies

Cloud & Infrastructure

AWS (Advanced)Terraform/CDKTFDockerCI/CD (GitLab, GitHub Actions)Ansible

Security

Cloud Security ArchitectureSecure Product Lifecycle (SPLC)Threat ModelingAWS Security HubNIST/ISO FrameworksIdentity & Access Management

Kudos

What colleagues and leaders say.

Say Hi

This is my professional showcase. I'm always open to connecting over shared interests in platform engineering, leadership, or just good tech and coffee conversations.