skip to content
ONLINEZurich, CHAS214476TLPT / FINMA cleareduptime 00:00:00ENDE
root@ressl:~$ whoami

AI security for the /* regulated enterprise. */

Robert Ressl — Forward Deployed AI Security Engineer. I ship MCP tooling at consulting speed and sign FINMA reports the same week. 20+ years building Linux for UBS, Swisscom, and the UN. Now red-teaming AI agents and writing the firewalls that contain them. DORA contributor. AS214476 operator.

[ Make an offer → ]$ cat skills.txt
ASCII-art portrait of Robert Ressl in a hoodie
100+
Engagements — EU / US / Asia
2
Production MCP security tools — PyPI
20+
Years — Linux & systems
11
Countries — embedded delivery
// 02. interactive shell

Try the terminal

Really. It works. Tab-complete is not a feature — just type a command.
guest@ressl.ch:~ — bash
ressl.ch // Offensive Security & Infra Engineering
Session recorded. All commands are safe to run.
Last login: just now from everywhere.
Type `help` for commands. Type `hire` if you’re serious.
guest@ressl:~$
// 03. production tooling

AI security tooling I ship

For the agent era — and the platforms I run it on. AGPL-3.0, MCP-native, in production today.
// AI agent security

mcp-firewall

Security firewall for AI agents speaking MCP. 12-stage pipeline, policy engine, Ed25519-signed audit trail. DORA / FINMA / SOC2 compliance reports out of the box.

$ pip install mcp-firewall
PythonAGPL-3.0
PyPI ↗GitHub ↗
// AI agent security

mcpwn

Security scanner for MCP servers. 10 vulnerability checks, pre-deployment scanning for supply chain & prompt injection vectors.

$ pip install mcpwn
PythonAGPL-3.0
PyPI ↗GitHub ↗
// Writeup platform

terminal-trouble.com

HTB / CTF writeups. Green-on-black, 2px borders, the whole brutalist hacker aesthetic. Built in Go + Fiber + HTMX.

GoHTMXself-hosted on AS214476
Page ↗
// 04. competencies

cat skills.txt

Stack built over 20 years. Levels are honest — 5 = production, architect-grade; 4 = senior hands-on; 3 = comfortable.
-- ~/skills.txt --------------------------------5462 bytes · ro
## ai / llm security3+ yrs
├─LLM red teaming / jailbreaks5/5
├─MCP agent security (mcp-firewall, mcpwn shipped)5/5
├─Prompt injection research5/5
├─AI-assisted shipping (agent-driven workflows)5/5
├─Model training & fine-tuning4/5
├─LLM architecture (transformers, RAG)4/5
├─MLOps / model deployment4/5
## forward deployed / customer embedded8+ yrs
├─Customer-embedded delivery (C-Level)5/5
├─Rapid custom tooling under engagement deadlines5/5
├─Workshop facilitation & exec stakeholder mgmt5/5
├─On-site delivery across jurisdictions (11 countries)5/5
├─Pre-sales / solution scoping4/5
├─Post-engagement reporting & exec briefings5/5
## offensive security10+ yrs
├─Red Team / APT simulation5/5
├─Web app pentesting (OSWE)5/5
├─Active Directory attacks5/5
├─Privilege escalation (OSEP)5/5
├─TLPT / FINMA engagements5/5
├─Custom C2 & implant dev4/5
├─Wireless / RF (OSWP)4/5
├─Cloud pentesting (AWS/Azure/GCP)4/5
## development15+ yrs
├─Go (production, tooling)5/5
├─Python (red team + ML)5/5
├─Swift / SwiftUI (4 App Store apps)4/5
├─Rust3/5
├─TypeScript / React4/5
├─Bash / shell scripting5/5
## devops / cloud15+ yrs
├─Kubernetes / OpenShift5/5
├─Ansible / Puppet / Chef5/5
├─Terraform / IaC5/5
├─AWS / GCP architecture5/5
├─CI/CD (GitLab, Jenkins, GHA)4/5
├─Observability (Prom/Grafana/ELK)4/5
## linux / systems20+ yrs
├─RHEL / CentOS / Rocky5/5
├─Debian / Ubuntu5/5
├─Kernel & systemd internals5/5
├─HA clustering (pacemaker/corosync)5/5
├─SELinux / AppArmor hardening4/5
├─BGP / networking / iptables5/5
// 05. career

git log --oneline

From Linux engineer at 20 to global practice lead. No gaps, no pivots — just progression.
2023 — now
Associate Director, Offensive Security Global
@ Kyndryl · now
Embedded with C-Level at Tier-1 banks, insurers, automotive across 11 countries. 100+ on-site engagements. Custom tooling shipped under engagement deadlines. DORA / FINMA / TLPT.
2022 — 2023
Senior Red Team Lead Engineer, Global
@ Kyndryl
Forward-deployed APT simulation for Fortune 500. Custom tooling and rapid prototyping in-engagement — 40% efficiency gain in delivery.
2021 — 2022
Associate Partner Security
@ Kyndryl
Built consulting practice and GTM strategy after IBM spin-off. Pre-sales scoping and customer-embedded delivery model.
2019 — 2021
Security Consultant & Cloud Architect
@ IBM
Cloud transformations — AWS, GCP, OpenShift, K8s. Founded consulting security division.
2018 — 2019
DevOps Engineer Expert
@ Avectris AG
Founded Linux department. Backend automation in Go (80% workload reduction). Scrum Master.
2016 — 2017
DevOps Engineer
@ Swisscom AG
Automation for Swisscom TV (300+ channels). Voice control system. 35+ engineers trained.
2014 — 2016
Linux Architect
@ EveryWare AG
Enterprise infrastructure for Allianz, JobCloud, UBS AG.
2013 — 2014
Linux DevOps Engineer
@ CTBTO (United Nations)
Migrated 600 nodes from CFEngine to Puppet. Near 100% config automation.
2009 — 2012
Lead Solution Architect
@ Schrack Seconet AG
Rebuilt global IT (HQ + 16 branches). 100% security audit pass. ERP RPO: 1 day → 15 min.
2004 — 2008
Linux Engineer
@ Freelance
HA systems in Interxion datacenters. 99.99% uptime.
// 06. credentials

ls -la ~/.certs

39 active certifications. The certs most people stop at, I picked up 15 years ago.
verify ↗ Credly · credential.net

Security & Offensive 10 certs

CISSPOSEPOSWEOSCPOSCCOSWAOSWPCRTOPNPTBlack Hat DFIR

CompTIA 8 certs

CySA+CNVPPenTest+CSISSecurity+Network+Server+A+

Red Hat 9 certs

RHCARHCE (6, 7, 8)RHCSA (6, 7, 9)EX188 ContainersEX358 ServicesEX288 OpenShiftEX180 Containers/K8sEX447 Ansible BestEX407 Ansible Auto

Linux Foundation & LPI 4 certs

LFCELFCSLPI-3 (304)LPI-3 (303)

Cloud & ITSM 3 certs

AWS Solutions ArchitectAWS Cloud PractitionerITIL v3 Foundation

Chef / DevOps 5 certs

Extending ChefCertified Chef DeveloperDeploying CookbooksLocal Cookbook DevBasic Chef Fluency
// 07. iOS apps

App Store: 4 published apps

Swift / SwiftUI. Yes, I still ship product code.

Uhr Lernen Einfach

Learn to read clocks. 7 game modes, 8 themes, Game Center.

App StoreiOS

ABC Lernen

Learn the alphabet. 8 game modes — writing, matching, syllables.

App StoreiOS

Pixel Privacy

Blur faces & license plates in photos. 100% offline, on-device.

App StoreiOS

CraftFace

Turn your selfie into a Minecraft character. 3D preview, 7 outfits.

App StoreiOS
// 08. network

My own Autonomous System

RIPE NCC member. Open peering. Because why wouldn’t you.
AS214476 // ressl.ch
ASN214476IPv4 prefix5.182.62.0/24IPv6 prefix2a01:e000::/29PeeringOpenRIPE membersince 2024PeeringDBpeeringdb.com/net/41375
// 09. regulatory

Audit-grade by design

Not every hacker can sign off a FINMA report. I can.
§

DORA · FINMA · TLPT

Contributed to the EU DORA regulation draft (AmChamEU Working Group, Brussels). Conduct FINMA-regulated penetration tests and Threat-Led Penetration Testing engagements for Swiss financial institutions.

DORAFINMATLPTSOC2ISO 27001
// 10. recognition

Signal worth noting

🏆

"Heart of Kyndryl" — 2024

Awarded for building a global offensive security practice from zero to 11 countries. Plus: contributions to EU DORA, publications (Computerworld CH), ISSA & ISSS memberships, and training 35+ engineers at Swisscom.

Red-team the AI agents. Sign the FINMA audit. One hire.

Targeting Forward Deployed Engineer, AI Security, Adversarial ML, and Staff/Principal Security at AI-native companies — plus selective consulting (TLPT / FINMA / DORA). Globally remote, low travel only. Based in Wollerau (Schwyz, CH) — Switzerland resident, no relocation. Available by arrangement; 3-month notice period. Not for: pure people-management, generic CISO roles without AI mandate.

✉ rr@ressl.chin / LinkedIn DM📅 Book 30 min
Senior IC track preferred. Equity-bearing roles only. I ship — let me ship for you.
> Tweaks
Hero variant
Hire CTA prominence
Matrix background