Finance & Controlling Intern
PRISMA European Capacity Platform↗Built a Power BI dashboard giving senior management company-wide visibility of over 350 software licences and their cost-saving opportunities. Structured licence data from across the business into an accurate central database.
2024
2023
Chef de Partie
The Wimbledon Championships↗Promoted on merit across three consecutive tournaments, rising to Chef de Partie and lead of the starter section. Held a four-person team to flawless, on-the-clock service for over 250 guests a day under Michelin-standard pressure.
Hospitality Intern
Schlosshotel Kronberg↗Worked across service, reception, housekeeping and kitchen, gaining an early, in-depth view of the hospitality sector and customer relations.
BSc Business & Management
University of Exeter↗Graduated with a High 2:1, including a First-Class dissertation (72%) on AI in financial markets arguing that competitive advantage comes from human judgement and data quality rather than model complexity.
IB Bilingual Diploma
Warminster School↗International Baccalaureate Bilingual Diploma in German and English, with subjects spanning Mathematics, Economics, Biology, Visual Arts, German and English. Served as House Prefect.
Self-Hosted Data & AI Infrastructure
Sole Architect · Engineer · OperatorBrought a First-Class AI dissertation to life as a self-taught project, researching local multi-model AI hands-on with a Hermes AI agent orchestrating multiple LLMs and workflows. Self-hosted a personal cloud on 40TB of ZFS RAIDZ2 storage running TrueNAS, with over 60 services across observability, monitoring, backup, storage, networking, security, authentication and automation.
My Brainforest
Sole Architect · CuratorBuilt a knowledge-management system: a queryable second brain of 4,000+ notes and 4 million words across over 150 domains under a custom Dewey-style classification, designed for longevity and AI connectivity. Extended it into a meta-processing layer with 47 community plugins and 5 MCP servers, running a knowledge workflow pipeline from capture to output.
hbjunge.com
Sole Designer · Engineer · OperatorMy personal website, built on FastAPI and SQLite behind Cloudflare, for blog, projects and products. Running self-managed Google Ads, applying my Google Ads and AI certifications in live practice to learn the customer's economics first-hand.
- Language·NativeMeine Muttersprache. Still the language I count in.
- Language·NativeBilingual on paper, five years in England, UK settled status. The accent survived.
- Language·B2Working professional proficiency.
- AI·AdvancedPrompts engineered daily across every provider in the lab. Anthropic (Claude Code), Google (Gemini, Gemma, NotebookLM, AI Studio, Antigravity), OpenAI (GPT-5.5), Meta (Llama), Mistral (Medium 3.5), xAI (Grok), DeepSeek (V4), Alibaba (Qwen3.6), Moonshot (Kimi), Perplexity (Sonar), NVIDIA (Nemotron), Nous Research (Hermes), OpenRouter and Hugging Face.
- AI·AdvancedBuilt Hermes as an always-on extension of myself: persistent memory, scheduled jobs, sub-agents and scoped keys to every machine in the lab. A Discord message from anywhere becomes work done at home.
- AI·ProficientAI models running entirely on my own server, so nothing leaves the house. The network is locked to my own devices, and the model sizes were picked by measuring the hardware, not by hope.
- Code·AdvancedPrimary language for everything with moving parts: data pipelines, custom exporters, watchdogs, a briefing engine that records its own podcast. Anything I can describe, I can now ship.
- Data·ProficientThis site runs on a database I designed: versioned migrations, tuned pragmas, an audit trail on every write. Owning the data layer means every question about my own systems has a queryable answer.
- Code·ProficientEverything I run lives in git: server configs, this website, even my notes commit themselves every six hours. Mistakes stopped being scary once every state became recoverable.
- Code·ProficientRuns everything behind this site, from signup forms to live metrics. When an idea needs an API, I do not look for a provider; I add a route.
- Code·ProficientHand-built with modern CSS and zero frameworks, strict enough that the browser refuses inline scripts. The reward is a site that loads instantly and looks like no template.
- Data·WorkingLearned properly at university: regression, hypothesis testing, the discipline of checking significance before believing a number. Not my daily tools, but the instincts stayed.
- Data·AdvancedPRISMA handed me their software licences and I gave back a single source of truth: over 350 subscriptions, eight departments, mapped cell by cell. Advanced functions did the lifting; discipline did the rest.
- Data·ProficientThe audit became a database; the database became a dashboard; the dashboard became how management saw the company’s software. Power BI carried the last mile from accurate cells to actual decisions.
- Infrastructure·AdvancedGrafana, VictoriaMetrics and Loki across three hosts; dashboards-as-code.
- Infrastructure·ProficientUptime Kuma runs 35 health checks from its own machine, deliberately separate from everything it watches; Grafana alerting routes by severity through a webhook formatter I wrote, landing on my phone via ntfy. Critical pages loudly, warnings queue politely, and a quiet phone actually means a healthy lab.
- Infrastructure·ProficientZFS snapshots every hour, Restic shipping offsite to Backblaze B2 every night, retention tuned from 24 hourlies to 5 yearlies. Losing data now requires my house and the cloud to fail on the same day.
- Infrastructure·AdvancedTrueNAS with two pools doing two jobs: an NVMe mirror for databases and configs, five 8TB drives in RAIDZ2 for the 40TB bulk, NFS serving every machine with one export per dataset. Any two disks can die on the same day and nothing is lost.
- Infrastructure·ProficientZero open ports on the router: Cloudflare Tunnel carries the public traffic, Tailscale meshes the private side, and split-horizon DNS lets the same names resolve differently inside and out. Public is an explicit opt-in, four hostnames and not one more.
- Infrastructure·ProficientContainers run read-only with every capability dropped; the site ships CSP and HSTS strict enough to reject my own inline scripts. When Google Ads wanted looser headers, it got a quarantined subdomain instead. Hardening here is a default, not a retrofit.
- Infrastructure·ProficientAuthelia single sign-on with 2FA (Argon2id, TOTP) in front of 13 services, hosted away from the main server so an outage cannot lock me out of its own diagnosis. A YubiKey pair adds the physical factor: phishing can steal a password, even a code, but not a key you have to touch.
- Infrastructure·Advancedn8n runs ten-plus scheduled workflows; a GitOps pipeline (Diun → PR-bot → deploy) turns every container update into a reviewed pull request; cron and systemd timers sweep the rest. Optimised the worst recreate from 23 minutes to about 2 seconds. My job moved from doing to reviewing.
- Infrastructure·AdvancedOver 60 services on Compose across three machines, every change a reviewed pull request, merge to live in under 8 seconds. Auto-updaters were rejected on purpose: rollback awareness beats convenience. Any box can burn down and the stack rebuilds from git.