Work
As part of a small team at the IQOQI, a research institute, I run its open-source, on-premise side — from servers and security to meeting-room AV and AI strategy — built to last, with one principle throughout: keeping control of the data and the stack.
Modernising a research institute's infrastructure — from aging servers to a self-managed, on-premise stack.
I modernised a set of aging servers into a self-managed Proxmox environment — web, databases, and collaboration tools now running in-house. Raspberry Pi devices handle the edges: monitoring, E-Ink room-booking displays, and distributed data acquisition. The whole environment is designed for resilience and long-term maintainability, without vendor lock-in.
Building the tools an institute actually needs — and keeping the data in-house.
A central knowledge base the technical team relies on, and a custom, standards-based PHP system for staff data, publications, and reporting — integrated with existing services like LDAP, with no third-party SaaS and full control of the data. I also look after the institute’s web platforms across its various sites — the main institute, research groups, and project pages — keeping them current.
Security and privacy by design, with open-source monitoring and a discipline for recovery.
Security and privacy built in from the start: open-source monitoring and threat detection (Wazuh, CheckMK), GDPR-compliant data handling, and email authentication (SPF/DKIM/DMARC), backed by a backup-and-recovery discipline I take seriously. The guiding idea: keep critical systems on-premise and under our own governance.
AV and collaboration spaces that just work — for people in the room and those joining remotely.
I modernised the lecture halls and meeting rooms onto a unified AV control platform, with PTZ cameras, speaker tracking, and bring-your-own-device support. I also set up a dedicated podcast studio for the institute’s outreach.
Choosing the right AI for each use case — from on-premise and GDPR-compliant to the major providers.
Where does each technology actually make sense? I match the approach to the need — on-premise, GDPR-compliant models where the data demands it, established providers where they are the better tool — rather than following the hype. I work out and assess use cases along the IEEE 7000 standard for value-based design, and keep automation pragmatic. A local, on-premise AI assistant for administrative tasks is one example of the approach.