DevSecOps · Azure Cloud Infrastructure · AI Security
I'm a final-year FIAE apprentice specializing in Cloud-Native Infrastructure and AI Security on Microsoft Azure.
While most graduates focus on application development, I focus on building and securing the platforms that modern AI systems run on — from hardened Linux servers to production Kubernetes clusters on AKS, automated end-to-end with Terraform and GitHub Actions.
"Every module ends with a GitHub commit. Build in public, ship first, iterate later."
Actively using:
Building towards:
Structured learning path — each phase ships a real project to GitHub.
| Phase | Focus | Deliverable | Status |
|---|---|---|---|
| 1 | Linux · Security Foundations | Hardened Linux Server | 🔄 |
| 2 | Python · SQL · FastAPI | Secure API Gateway v1 | ⬜ |
| 3 | Azure · Terraform · IaC | Terraform Azure Infrastructure | ⬜ |
| 4 | Docker · Kubernetes (AKS) | AKS Production Deployment | ⬜ |
| 5 | OWASP · AI Security · CI/CD | AI Security Layer + Pipeline | ⬜ |
| 🏆 | Capstone | Secure AI Gateway 4.0 on Azure | ⬜ |
🔄 In progress · ✅ Complete · ⬜ Planned
Identified a real problem: German IT apprentices had no focused, privacy-respecting tool for IHK exam prep. Independently designed, built, and deployed three trackers — AI-assisted development, fully self-initiated.
- 790+ topic-specific flashcards covering the full IHK exam catalogue (FIAE & FISI)
- Spaced repetition engine, smart focus recommendations, Pomodoro timer
- Privacy by design: local-first architecture, no login, no tracking, no external requests — all data stays on the user's device
- Stack: HTML5 · Vanilla JavaScript (ES6+) · Tailwind CSS · LocalStorage
| Tracker | Live |
|---|---|
| AP1 – General Part | ap1.cwillam.de · Repo |
| AP2 – FIAE (Software Dev) | ap2.cwillam.de · Repo |
| AP2 – FISI (System Integration) | ap2-fisi.cwillam.de · Repo |
Automated Ubuntu server hardening toolkit — the foundation every subsequent project builds on.
- UFW firewall · fail2ban · SSH key-only auth · automated setup script
- Fully documented: every config decision explained in Markdown
- Repo: linux-baseline (coming soon)
Production-grade API Gateway for LLM applications, deployed on Azure AKS via Terraform IaC.
- Stack: Python · FastAPI · Docker · Kubernetes (AKS) · Terraform · GitHub Actions · PostgreSQL
- Security: Prompt Injection Detection · PII Redaction (GDPR) · OWASP Top 10 · SAST · Container Scanning
- Infra: Azure VNet · Redis · Azure Container Registry · Azure Monitor · Grafana
- Repo: secure-ai-gateway (architectural planning)
Certifications:
| Status | Certification | Issuer |
|---|---|---|
| 🔄 | Python Programming MOOC | University of Helsinki |
| ⬜ | ISC² Certified in Cybersecurity (CC) | ISC² |
| ⬜ | Microsoft Certified: Azure Fundamentals (AZ-900) | Microsoft |
| ⬜ | DevOps with Kubernetes | University of Helsinki |
| ⬜ | Relational Database Certification | freeCodeCamp |
| ⬜ | Docker Essentials | IBM |
| ⬜ | OWASP Top 10 & Application Security | APIsec University |
🔄 In progress · ✅ Earned · ⬜ Planned
Foundations & Courses:
- Information Security – openHPI / Hasso-Plattner-Institut
- Networking Basics · Linux Essentials · Cybersecurity Essentials · AI Security – Cisco NetAcad
- Intro to SQL + Advanced SQL – Kaggle
☁️ Cloud-Native Infrastructure Building scalable, production-ready platforms on Microsoft Azure — from VMs and VNets to fully automated AKS clusters managed with Terraform.
🛡️ Security-First Design Shift-left DevSecOps from day one: hardened Linux configs, SAST, container scanning, OWASP Top 10, and secure-by-default API design.
🤖 AI Infrastructure & Defense Deploying and protecting modern AI systems — prompt injection defense, LLM rate limiting, PII redaction, and audit logging.
🚀 Production Mindset Every project ships with a README, architecture diagram, and copy-paste setup guide. Real deployments, not just local demos.
Open to discussing DevSecOps, Azure architecture, AI security, or collaboration opportunities.
