Marcus Pichler

Connected Mobility for Motorcycles

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Collaborated on integrating Sibros’ Deep Connected Platform into Pierer Mobility’s high-performance motorcycles, including the V-Twin Series, Super Adventure and Super Duke.

Focused on enabling advanced connected vehicle capabilities through safe and secure vehicle-to-cloud solutions.

IT Architect

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Delivering end-to-end IoT solutions – from device layer and network integration to cloud connectivity and embedding in business processes.

Securely integrate IoT devices into the IT network: analyze new requirements, design and agree solution variants and integrate new components
Define and implement IoT architecture standards, best practices and security policies
Secure and manage the IoT infrastructure in line with current IT security requirements
Collaborate closely with internal IT teams to ensure stable, secure and high-performance operations
Raise security awareness in business units for IoT and support them in implementing security policies

Local AI

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Self-hosted AI platform running on Kubernetes (K3s) with an NVIDIA RTX 3060. Powers a RAG chatbot for my portfolio website and serves as an AI experimentation playground.

Stack — vLLM serves Gemma 3 4B with OpenAI-compatible API. LangGraph orchestrates the chat flow (intent classification → retrieval → generation → validation). Qdrant stores vector embeddings, TEI generates them at inference time. Langflow handles automated content indexing via webhook.

Observability & Security — Prometheus + Grafana for GPU stats and request metrics, LangSmith for LLM tracing, DCGM Exporter for GPU telemetry. Keycloak provides SSO/OIDC for all AI services. The chatbot implements OWASP-aligned security: prompt injection detection, rate limiting, CSRF protection.

Core Infrastructure

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

The backbone of the homelab runs on Proxmox VE with QEMU/KVM as the virtualization backend, providing robust virtualization for all workloads. Ubuntu cloud images serve as the base for most VMs, ensuring consistent and reproducible deployments.

ZFS provides enterprise-grade storage with built-in data integrity, snapshots, and compression. Proxmox Backup Server handles automated snapshots and backups. TrueNAS serves as dedicated NAS storage, with NFS and Samba providing network shares for various clients. Docker containers and LXC handle application isolation for various services.

eSTORE Cash Register Solution

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Developed a Linux-based cash register solution powered by Java, designed for reliability and seamless regional operation.

Integrated DevOps practices to create a robust framework for Continuous Integration (CI), Continuous Testing (CT) and Continuous Deployment (CD).

Aligned with retail operations and customer journey goals, paving the way for modern omni-channel strategies.

IoT Solution Architect

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Orchestration of IoT project implementations, including the formulation of technical specifications, supervision of integration processes and diligent performance monitoring.

Project management: adapting at delineating work packages, fostering interdepartmental collaboration and managing development partnerships
Devising and refining technical solutions and architectural concepts
Critically assessing emerging technologies and leadership of software development teams
Ensuring stakeholder engagement and alignment of project outcomes with executive expectations

Freelancer

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Independent consulting focused on infrastructure automation and security hardening.

Implemented comprehensive Linux hardening strategy to enhance system security
Streamlined complex processes and bolstered efficiency through infrastructure analysis utilizing Ansible
Spearheaded the deployment of Checkmk to improve monitoring capabilities
Developed robust backup systems to ensure data protection and continuity

Intranet Portal based on Adobe AEM

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Developed a state-of-the-art intranet platform using Adobe AEM, leveraging advanced digital experience management capabilities.

Created a highly responsive and intuitive intranet environment tailored to the dynamic needs of enterprise communication.

Kubernetes Cluster

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

A lightweight k3s cluster handles container workloads for various services. Helm manages application deployments with templated configurations. Traefik and Nginx serve as ingress controllers, with cert-manager handling automatic TLS certificate provisioning via ClusterIssuer.

Experience with OpenShift includes both single-node and 3-node cluster deployments. This environment mirrors enterprise Kubernetes patterns on a smaller scale, enabling experimentation with cloud-native architectures and deployment strategies.

CTO / Co-Founder

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Environmental monitoring startup focused on high-resolution climate and environmental data.

Conducted high-resolution climate and environmental data measurements tailored to customer preferences
Developed the data collection methodology in collaboration with partners
Identified valid measurement points
Managed the complete installation and configuration of hardware and software

Smart Home

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Home Assistant serves as the central hub for smart home automation, integrating multiple protocols and standards. KNX provides reliable wired automation for lighting and blinds, while EnOcean enables energy-harvesting wireless sensors.

LoRaWAN extends connectivity to outdoor sensors and long-range applications. All devices communicate through MQTT for seamless integration and custom automations.

Workplace Strategy

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Led the strategy for the implementation of Microsoft 365 and the deployment of thin clients across branch offices to streamline operations and boost efficiency.

Focused on eliminating shadow IT by standardizing and centrally managing technological resources to enhance security and ensure compliance.

Security & Networking

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Security-first approach with TLS encryption via ACME/Let’s Encrypt for all services. Cloudflare provides DDoS protection and secure tunneling for external access.

OPNsense serves as the firewall and router with DHCP and traffic monitoring. Unifi Controller manages network infrastructure, while Unbound provides local DNS resolution. Network segmentation through VLANs isolates different workloads. WireGuard enables secure remote access. Vaultwarden handles password management, and Postfix provides local mail relay for system notifications.

SPAR Digital Leadership Store

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Delivered a groundbreaking retail technology initiative featuring self-checkout systems, electronic shelf labels and a dedicated snack pre-ordering app.

Focused on creating a seamless, efficient shopping experience, showcasing the store’s dedication to digital innovation and customer convenience.

SPAR ICS - 20 Year Career

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Two decades of progressive growth from technical support to enterprise architecture and product leadership.

Senior Product Lead (Jul 2020 – Jun 2021)

Led cross-functional DevOps team (4 FTE) with CI/CD, IaC and SRE responsibility
Owned the DevOps backlog, prioritizing tasks and ensuring continuous improvement
Captured business requirements and crafted solution designs
Provided effort and cost estimates based on functional specifications
Coordinated with business stakeholders, project teams and architects

Digital Platforms Engineer, Enterprise Architect (Mar 2018 – Jul 2020)

Oversaw coordination of all technical experts across various project stages
Guided and provided support to Product Developers
Orchestrated planning of the project’s technical system landscape
Managed hardware, software, sizing, availability, security and licensing

Enterprise Architect - Workplace & POS Technology (Jan 2015 – Feb 2018)

Responsible for shaping the long-term strategy and roadmap
Developed and maintained standards and guidelines applied throughout the corporation
Worked with fellow architects to ensure solutions are scalable and adaptable
Aligned strategies with the needs and goals of business and IT stakeholders

ICS INNOVATION LAB - Technical Lead (Jan 2014 – Feb 2018)

Spearheaded evaluation and proof of concepts for innovative technologies
Focus on location-based services, beacons, 3D printing and wearables
Explored scan-and-pay systems, smart devices, smart trolleys, smart shelves and electronic shelf labels
Investigated robotics, drones, RFID, smart glasses, virtual and augmented reality for indoor navigation

Earlier Roles (2001 – 2014)

Senior Solution Consultant - POS Technology (Jul 2014 – Dec 2014)
Teamleader Retail Technologies, Solution Consultant (Sep 2009 – Jun 2014)
POS Technology Manager (Jan 2007 – Aug 2009)
POS Technology Solution Developer (Jan 2004 – Dec 2006)
IT Hotline & Field Support (Jan 2001 – Dec 2003)

DI (FH) - Information Technologies & Systems-Management

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Extra-occupational studies while working full-time at SPAR ICS.

Thesis: “Nachhaltige IT im Rechenzentrum” - Development and presentation of a model for measuring efficiency in the data center.

This education combined practical work experience with academic knowledge in systems management and IT infrastructure.

Observability

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Production-grade monitoring and SIEM platform with Prometheus (42 scrape targets), Grafana (33 custom dashboards + 10 community), Loki for centralized log aggregation, and Wazuh SIEM (22 agents, ~100 custom rules, active response). 52 custom alert rules with intelligent inhibition and multi-tier alerting via email and ntfy push notifications. NUT monitors UPS status for graceful shutdowns during power outages. Full details in the Enterprise Monitoring & SIEM blog post.

Master Watchmaker

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Foundation in precision craftsmanship before transitioning to IT.

Completed apprenticeship and master craftsman qualification
Developed meticulous attention to detail and systematic problem-solving
This background in mechanical precision continues to influence my approach to system design

Enterprise-Grade Monitoring & SIEM for a Homelab - From Zero to 76 Custom Alert Rules

marcus@pichler.dev (Marcus Pichler) — Wed, 25 Mar 2026 00:00:00 +0000

TL;DR

I built a production-grade monitoring and SIEM platform for my entire homelab infrastructure running on a single-node K3s cluster. The system combines Prometheus for metrics, Grafana for visualization, Loki for log aggregation, Wazuh for security event management, and a proactive security stack (CrowdSec, Falco, honeypot, Trivy) - all deployed via Ansible and Helm with full Infrastructure as Code.

Key Metrics:

60 Prometheus scrape jobs monitoring 114 endpoints
35 custom Grafana dashboards + 10 community imports
69 custom Prometheus alert rules + 7 Loki LogQL alerts
20 active Wazuh security agents across 3 OS families
8 agent groups with specialized detection rules
~100 custom Wazuh rules (IDs 100100-100639)
3 Wazuh Grafana dashboards (SIEM, Compliance, Vulnerabilities)
14-day log retention in Loki
Multi-tier alerting: Email + ntfy mobile push
Proactive security: CrowdSec threat intelligence, Falco runtime monitoring, OpenCanary honeypot, Trivy vulnerability scanning

Why Build Enterprise Monitoring for a Homelab?

Many homelabs run blind. Services crash, disks fill up, certificates expire, and you only notice when something stops working. I wanted the opposite: know about problems before they become outages.

Building a Self-Hosted RAG Chatbot From Scratch

marcus@pichler.dev (Marcus Pichler) — Thu, 26 Feb 2026 00:00:00 +0000

TL;DR

I built a Retrieval-Augmented Generation (RAG) chatbot that answers questions about my professional background using my portfolio website as the single source of truth. It runs entirely on my own hardware - a K3s single-node setup with an NVIDIA RTX 3060 - with no cloud AI dependencies. The stack includes vLLM for GPU-accelerated inference, LangGraph for orchestration, Qdrant for vector search, and a Flask API with OWASP-aligned security. Everything is deployed via GitLab CI/CD across three repositories, with automated content indexing, monitoring, and zero manual intervention.

Welcome to My Blog

marcus@pichler.dev (Marcus Pichler) — Sun, 18 Jan 2026 00:00:00 +0000

Welcome to my blog! This space will be dedicated to sharing insights, lessons learned, and thoughts on topics that I’m passionate about:

What to Expect

Cloud Architecture – Best practices for building scalable, secure cloud solutions with AWS and other platforms.

IoT & Edge Computing – Real-world experiences from connecting hardware to cloud, from motorcycles to smart buildings.

DevOps & Platform Engineering – Practical insights on infrastructure as code, CI/CD, and building reliable systems.

About Me

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Who I Am

I am Marcus Pichler, a technology leader with more than 25 years of experience in enterprise IT, cloud platforms and IoT architecture. I bring together strategic vision and hands-on engineering to build systems that connect hardware, software and people in a secure and scalable way.

My background includes leading digital platforms in connected retail, IoT and smart mobility. I have driven cloud-native adoption, enabled edge computing solutions and supported DevOps teams in delivering reliable and maintainable infrastructure in real-world environments.

Contact

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

I’m always interested in discussing technology, architecture challenges, or potential collaborations. Whether you have a project in mind, want to discuss cloud and IoT solutions, or just want to connect, I’d love to hear from you.

Curriculum Vitae

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Legal Notice

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

Information according to § 24/25 Austrian Media Act (Mediengesetz)

Website Owner and Responsible for Content

Marcus Pichler
Thenngasse 5/4
5020 Salzburg
Austria

Contact

Email: marcus@pichler.dev
Phone: +43 676 44 33 881
LinkedIn: linkedin.com/in/marcus-pichler

Basic Direction of the Medium

This website serves as a personal portfolio and blog of Marcus Pichler, IT Architect. The content focuses on:

Professional portfolio and career information
Technical insights on cloud architecture, IoT, and platform engineering
Personal opinions and experiences in the technology sector

This is a personal, non-commercial website.

Privacy Policy

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

1. Data Controller

Marcus Pichler
Thenngasse 5/4
5020 Salzburg
Austria

Email: marcus@pichler.dev

2. Overview of Data Processing

Types of Data Processed

Inventory data (e.g., names, addresses)
Contact data (e.g., email, phone numbers)
Content data (e.g., text input, photographs)
Usage data (e.g., websites visited, interest in content, access times)
Meta/communication data (e.g., device information, IP addresses)

Categories of Data Subjects

Visitors and users of the online offering

Purpose of Processing

Provision of the online offering, its functions, and content
Responding to contact requests and communicating with users
Security measures
Reach measurement/Marketing

3. Legal Bases

In accordance with Art. 13 GDPR, we inform you of the legal bases for our data processing. The following legal bases apply:

Skills & Certifications

marcus@pichler.dev (Marcus Pichler) — Mon, 01 Jan 0001 00:00:00 +0000

AI & Vibe Coding

Claude Code Cline Codex Cursor Hugging Face LangGraph Langflow LangSmith n8n Ollama OpenRouter Qdrant RAG vLLM

Automation & Monitoring

Ansible Grafana Home Assistant Home Automation Loki Node-RED ntfy Prometheus Wazuh SIEM Smart Metering System Monitoring

Cloud & Infrastructure

AWS AWS IoT Cloudflare Cloud Computing Docker Edge Computing Gunicorn Helm k3s Kubernetes Nginx OpenShift Terraform

Development & DevOps

Android Bash CI/CD Flask Git GitLab CI/CD Hugo Infrastructure as Code JavaScript Playwright Python Web Applications

IoT & Hardware

Arduino EnOcean KNX LoRaWAN Microcontrollers Raspberry Pi Single Board Computers

Security & Identity

Cloudflare Tunnel CSRF Protection EntraID Firewalls Keycloak OAuth2 Open-Source Software OWASP Rate Limiting TLS/SSL

Virtualization & OS

KVM Linux openDesk Proxmox Ubuntu VMware ZFS