Projects

๐Ÿงฉ Projects & Professional Experience Link to heading

A selection of impactful projects and responsibilities from my career in infrastructure and software development:

๐Ÿ”ง Infrastructure Modernization & Automation Link to heading

Client: Large Enterprises (financial and automotive sectors) โ€“ Ongoing for 15+ years

  • Managed over 1,000 Windows servers across dev, test, and production.
  • Introduced automation to streamline system setup and configuration.
  • Identified system bottlenecks and performance issues using logs, counters, and traces.
  • Implemented bug traceability and routing using correlation IDs.

๐Ÿงฑ Network & Security Infrastructure Link to heading

  • Supported configuration and maintenance of internal firewalls and routing rules for segmented application tiers.
  • Coordinated with network and security teams to align changes with application deployments.
  • Implemented and operated internal PKI services for certificate management and automation.
  • Automated certificate requests and renewals across web applications and services using PowerShell.
  • Designed and implemented a complete code signing infrastructure to support internal development teams.

๐Ÿ“ฆ Configuration Management Platform Link to heading

Tool: DscConfigIt

  • Web-based system to manage modular Desired State Configuration (DSC) profiles.
  • Enabled role- and system-specific configuration management for Windows systems.
  • REST API capable and backed by PowerShell scripting.

๐Ÿ“ก Data Collection & Observability Link to heading

Tool: ConfigMonger

  • Backend service to periodically collect telemetry using WMI and PowerShell.
  • Aggregated data to backends for analysis (integrates with Grafana).
  • Provides critical insight into system performance and state.

๐Ÿ“š Metadata Registry Link to heading

Tool: EasyInventory

  • Frontend system to maintain metadata for servers (name, stage, etc.).
  • REST API enabled; source of truth for multiple other tools.
  • Daily integration with ASG (Rocket) Remote Desktop via automation script.

๐Ÿ“ฌ Communication Hub Link to heading

Tool: ComHub

  • Event-driven backend routing messages to Slack, WhatsApp, SMTP, etc.
  • Leverages MassTransit to respond to system events and trigger alerts.
  • Extensible with message templates and routing profiles.

๐Ÿ” Secret Storage System Link to heading

Tool: SecretVault

  • Internal secure storage backend for secrets.
  • Designed to be a cost-effective alternative to tools like CyberArk.
  • Easy integration via REST and PowerShell modules.

๐Ÿ›  Daily Operations Link to heading

  • Created a daily sync script between EasyInventory and ASG Remote Desktop.
  • Integrated system telemetry (via ConfigMonger) into the access tooling workflow.
  • Developed and maintained PowerShell modules to unify tool usage and automation.
  • Created data analysis scripts for housekeeping (obsolete users, firewall rules, etc.)

For deeper dives into each system or postmortems on legacy refactoring projects, see my blog.

โ€“ Steffen