Quick audit
Best when you want a clear yes/no on whether one workflow is worth automating.
For IT and software teams
Automate IT work with AI without losing control.
I review one real workflow, map the data, tools, and approval risks, and show what can be automated safely, what needs human review, and the clearest practical next step.
- 15+ years IT experience
- Security / ITSM / Microsoft 365 / Azure
- Germany / EU / remote
What you get
- Clear risk mapWhich data, tools, repos, tickets, and docs the workflow touches.
- Safe automation boundaryWhat can run automatically, what needs human review, and what should wait.
- Practical next stepA short report and, when low risk, one validated quick win your team can use.
AI and dev automation audit
No-drama AI and dev automation
For IT and software teams that want to clean up repeated PR, documentation, QA or support work without handing sensitive workflows to an unchecked bot.
What I check
I review one concrete workflow, map the data and approval boundaries, and produce a short report with practical next steps. If the scope is safe enough, I can also prepare one focused, human-reviewed quick win.
Typical outputs
- Private repo or documentation review report
- Docs-gap or QA checklist
- Risk notes for data, tools and approvals
- One focused patch, script or draft workflow if it is low risk
Audit + quick win
Best when the scope is already narrow and a safe first implementation can be tested privately.
Tool selection
Best when the hard part is choosing between local, EU-hosted and vendor tools without guessing on data risk.
How it works
- Pick one workflow. A repo review, documentation process, QA checklist or support task is enough.
- Map the boundaries. I check data, tools, accounts, approvals and where automation must stop.
- Return a short report. You get a practical recommendation, risk notes and one safe next step.
Good fit
- Repeated documentation or PR preparation work
- Private QA checks before a public release
- Tool choice between local, EU-hosted and vendor AI
Not a fit
- Unreviewed bots acting on customer data
- Public security details or vulnerability comments
- Promises of legal compliance or guaranteed ROI
Boundaries
- No automatic external emails, PR comments or production changes.
- No sensitive customer data in a first sprint unless the scope is separately approved.
- No legal or GDPR guarantee. The work identifies risks and practical controls.
- No fake case studies or invented ROI claims.
Want to see the output first?
Read a fictional, client-safe sample audit before sending private details.
Experience areas
IT work that stays practical and reviewable
The lists below preserve the full background, but the common thread is simple: clearer scope, safer access, better handoffs, tested changes and fewer surprises.
Security
Topics I work with and continue to study in day-to-day IT security.
- Comprehensive Mobile Device Management Solutions
- Robust Privileged Access Security Implementation
- Advanced Network Security Configuration (incl. Private DNS)
- Tailored Workshops for IT Privacy & Security Awareness
- Custom Monitoring System Implementation (e.g., Nagios-based)
- Thorough IT Auditing and Compliance Checks
- Integrated Identity and Access Management (IAM)
- Streamlined Single Sign-On (SSO) Solutions
Management
Topics I have worked on in IT operations, governance and team processes.
- ITIL Best Practice Implementation
- Incident Management Process Optimization
- Proactive Problem Management Strategies
- Effective Escalation Management Frameworks
- Strategic Provider and Vendor Management
- End-to-End IT Service Management (ITSM)
- Agile DevOps Team Leadership and Management
Digital Transformation
Topics related to modernization, migration and practical automation.
- Hybrid Cloud and On-Premise Infrastructure Management
- Microsoft 365 & Azure Cloud Administration (incl. Power Platform, SharePoint, Teams, Intune)
- Process Automation via PowerShell Scripting
- Microsoft Exchange Server Management and Migration
- Modern Cloud-Based HelpDesk Solutions
- Professional Website and E-commerce Platform Development
- GDPR and ISO 27001 compliance support
Community & Learning
I also share knowledge with non-profit organizations through practical workshops:
- Introduction to practical Open Source AI tools
- Leveraging AI for task automation and efficiency
- Using AI for creative content generation (text, images)
- Understanding ethical considerations and security in AI
Open source projects I follow and support:
Public-safe proof
What I can help with
I keep this section ranked by client value, not by chronology. The four cards below are the strongest public examples right now; the expandable list keeps smaller tested methods visible without turning the page into a changelog.
Local-first business automation
Built a browser and CLI workflow for preparing XRechnung and EN16931 invoice XML candidates. Invoice handling stays local, fields are checked in a structured way, and KoSIT validation remains the reference for real submission claims.
Mission Control operator dashboard
Built a local operator dashboard for automation work: task state, service health, evidence links and approval points in one client-safe snapshot. Raw infrastructure details stay out of the public view.
Agent runtime and repo reliability
Hardened agent-assisted repository work with scoped fixes, local and CI checks, passive repo watchlists, fallback checks and quiet no-news monitoring before calling work complete.
Security evidence and audit prep
Built local proof packages for security questionnaires, DORA ICT evidence prompts, finance exception reports, accessibility snapshots and technical data rooms. They use synthetic data and approval gates by default.
More project notes and tested methods
Browser QA automation
Built repeatable browser checks for demo flows, logout behavior, task detail pages, theme switching, invoice forms and trust UI.
Website file-change and security triage
Triaged WordPress file-change alerts by separating normal updater noise from compromise signals, then checked public pages, plugin state and security headers before recommending baseline or cleanup steps.
Dependency security remediation
Reduced a web app npm audit from reported issues to zero, then checked lint, tests and production build instead of treating the audit output as the finish line.
Security Questionnaire / Trust Evidence Pack
Built a private, synthetic package that organizes questionnaire answers, evidence owners, freshness status and approval gates before any real customer security data is touched.
DORA ICT Register Preflight
Built a local spreadsheet-first preflight for ICT providers answering DORA-driven customer due-diligence requests. It is evidence organization, not legal or compliance certification.
Acquire-ready Technical Data Room Kit
Built a private kit for micro-SaaS technical diligence: architecture notes, repository inventory, dependency evidence, runbooks, access prompts and buyer FAQ material using demo data.
Finance Exception Radar
Built a local CSV report for invoice and receivable/payable anomalies using synthetic sample data, summary JSON and validator checks. It stays local and read-only by design.
TenderOps proof package
Built a private bid-pack prototype that turns public tender notices into a bid/no-bid memo, source notes and a short buyer-safe sample. It is a proof package, not a procurement promise.
Accessibility Snapshot
Built a page triage check that flags common accessibility issues with selectors and plain notes for developers. Useful before a real WCAG audit, not a replacement for one.
CAD workflow hardening
Contributed tested production-readiness slices to a browser CAD sketcher: DXF import safety, STL reference-mesh validation, project-file guards, delete-shortcut behavior and rotated push/pull correctness.
Local and private AI stack
Set up local AI tools for private search, drafting and experimentation without sending every task to a hosted service.
Responsible security testing
Tested apps in a responsible, private-first way: scoped targets, safe reproduction steps and clear reports for teams to fix.
Operational monitoring and task systems
Kept health checks, task state, watchdogs and summaries tied together so automation work has a visible owner, status and next action.
Repo watchlist and safe cherrypick method
Built a review flow for tracking useful open-source changes, selecting only relevant patterns and turning them into small local improvements after review.
Anonymized AI workflow briefing kit
Prepared a managed-agent platform briefing pattern with scope, risks, architecture options and phased MVP notes, without publishing client names or private proposal details.
About
About Me
My name is Antonios Chatzigiagkos. I have 15+ years of experience in IT and build practical solutions for real-world technical challenges.
My work covers IT operations, security, Microsoft 365 and Azure administration, automation, service management and modern AI tooling. I like useful systems: clear scope, good handoffs, tests, logs and rollback paths.
I actively explore open-source and local-first AI across web development, programming, security analysis and content workflows, then turn the useful parts into working methods.
This website is a personal profile and portfolio page for employers, clients and technical reviewers. Freelance or project inquiries are handled individually by direct contact.
To learn more about me, check out my LinkedIn & Xing accounts. For exchange and networking, contact me via email: ac@it-expert.io.
Current product experiment
TraceTrust
A trust layer for AI agent tasks.
Scope is defined first, execution is logged, and review happens before payout. This product effort is separate from this personal profile page. The public demo is read-only and uses sample data.
Contact
Want one workflow reviewed?
Send a short description only. Please do not include secrets, customer data, private repository contents or confidential vulnerability details in the first message.
Antonios Chatzigiagkos
IT Expert / Freelancer
Germany / Bavaria
Phone: +49 1511 5572841
Email: ac@it-expert.io
Impressum / Legal Notice
