About Germain
If you need someone to design, secure, and operate your Kubernetes infrastructure, I can help.
I'm a Kubernetes Platform & Security Engineer with 5+ years of experience running enterprise-scale, multi-tenant clusters in production. I operate a platform of 9 clusters, 33 tenants, and over 13,000 CPU cores — handling everything from bare-metal provisioning with PXE and Flatcar Linux, to cluster security hardening, secrets management, and service mesh architecture with Istio.
I design and enforce security at every layer: Kyverno admission policies, RBAC and namespace isolation, network traffic controls with Calico, image registry guardrails with Harbor, and secrets lifecycle management with HashiCorp Vault and External Secrets Operator.
I typically help clients with:
- Setting up or hardening production Kubernetes clusters
- Designing multi-tenant isolation architectures
- Implementing policy-as-code with Kyverno or OPA
- Secrets management with HashiCorp Vault
- Service mesh deployment and configuration with Istio
- CI/CD pipelines and GitOps workflows with GitLab and ArgoCD
- Infrastructure as Code with Terraform and Ansible
- Observability stacks with Prometheus, Thanos, Grafana, and Alertmanager
I work remotely, communicate in English, French, and German, and bring a "you build it, you run it" mindset — meaning I take ownership of what I deliver, including on-call and incident management when needed.
English
Native or bilingual
French
Native or bilingual
German
Fluent
Remote only
Primarily works remotely
Experience
- 1&1 Telecommunication SE,Cloud Infrastructure EngineerTELECOMMUNICATIONSApril 2022 - Today (4 years and 2 months)Baden-Württemberg, Germany• • Managed and automated on-prem multi-tenancy Kubernetes clusters with strict namespace isolation, RBAC enforcement, and resource-quota strategies• • Designed and implemented service mesh solutions with Istio• • Established centralized monitoring with Thanos, Prometheus, Grafana, and Alertmanager• • Automated infrastructure provisioning using Terraform and Ansible• • Integrated HashiCorp Vault for secrets management across platforms• • Optimized CI/CD pipelines using GitLab• • Creating Kubernetes Operators for tasks automation• • Participate in 24/7 an on-call rotation and incidents Management• • Implemented Kyverno policies cluster-wide to enforce security and compliance standards.• • Created Python tooling to automate Helm addons updates and avoid manual chart comparisons• • Integrated Kubernetes E2E conformance tests in CI/CD to validate cluster stability before up grades
- GOD Gesellschaft für Organisation und Datenverarbeitung mbH,DevOps/IT GovernanceOctober 2019 - March 2022 (2 years and 5 months)Braunschweig, NI, Germany• • Built and managed CI/CD pipelines with GitLab CI• • Maintained SDK Toolchain and coordinated IT governance tasks• • Delivered IaC automation using Terraform and Ansible
- Actions for Development,Help Desk LinuxJanuary 2016 - December 2020 (4 years and 11 months)Ngaoundéré, AD, Cameroon• • Provided help desk support and server management for Linux-based environments• • Handled user administration, log monitoring, backups, and upgrades
Recommendations
Be the first to recommend Germain
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Masters in Computer Science.Technical University of ClausthalMasters in Computer Science.
- Master 1 Computer EngineeringThe University of Ngaoundere2016Master 1 Computer Engineering
Certifications
- Certified Kubernetes Administrator (CKA)Cloud Native Computing Foundation (CNCF)2023
- Certified Kubernetes Security SpecialistCloud Native Computing Foundation (CNCF)2025