Robert Ressl_

Ethical Hacker | Offensive Security Leader | DORA Contributor

About Me

I built a global offensive security practice from zero. What started as a one-person operation is now a team across 11 countries, running 100+ penetration tests, red team engagements, and security audits for Fortune 500 clients in banking, insurance, automotive, and critical infrastructure.

Before security leadership, I spent 15+ years as a Linux architect and DevOps engineer, designing and automating large-scale infrastructure for organizations like Swisscom, the United Nations (CTBTO), and UBS. This hands-on background is what makes my offensive security work different: I break what I used to build.

I contributed to the EU DORA regulation draft as part of the AmChamEU Working Group in Brussels, and I conduct FINMA-regulated penetration tests and TLPT (Threat-Led Penetration Testing) engagements for Swiss financial institutions.

Key Achievements

100+ Engagements: Penetration tests, red team ops, and security audits across EU, US, and Asia
DORA Draft: Contributed to EU DORA regulation as part of AmChamEU Working Group, Brussels
FINMA & TLPT: Audit-grade penetration testing for Swiss regulated financial institutions
Practice Building: Built global offensive security practice from scratch to 11 countries
Award: "Heart of Kyndryl" 2024 for practice building and leadership
Own AS: AS214476 with IPv4/IPv6 BGP peering (RIPE NCC member since 2024)
4 iOS Apps: Published on the Apple App Store (Swift, SwiftUI)
2 OSS Security Tools: mcp-firewall and mcpwn for AI agent security

Network & Peering

I operate my own Autonomous System and maintain an open peering policy.

ASN: 214476
IPv4 Prefix: 5.182.62.0/24
IPv6 Prefix: 2a01:e000::/29
Peering Policy: Open

[PeeringDB]

Career Timeline

2023-now Associate Director, Offensive Security Global @ Kyndryl
Global practice leadership. 100+ engagements. DORA, FINMA, TLPT. C-Level reporting.

2022-2023 Senior Red Team Lead Engineer, Global @ Kyndryl
APT simulation for Fortune 500. Custom tooling (40% efficiency gain).

2021-2022 Associate Partner Security @ Kyndryl
Security consulting practice and GTM strategy after IBM spin-off.

2019-2021 Security Consultant & Cloud Architect @ IBM
Cloud transformations (AWS, GCP, OpenShift, K8s). Built consulting security division.

2018-2019 DevOps Engineer Expert @ Avectris AG
Founded Linux department. Backend automation in Go (80% workload reduction). Scrum Master.

2016-2017 DevOps Engineer @ Swisscom AG
Automation for Swisscom TV (300+ channels). Voice control system. 35+ staff trained.

2013-2014 Linux DevOps Engineer @ CTBTO (United Nations)
Migrated 600 nodes from CFEngine to Puppet. Near 100% config automation.

2014-2016 Linux Architect @ EveryWare AG
Enterprise infrastructure for Allianz, JobCloud, UBS AG.

2009-2012 Lead Solution Architect @ Schrack Seconet AG
Rebuilt global IT (HQ + 16 branches). 100% security audit pass. ERP RPO from 1 day to 15 min.

2004-2008 Linux Engineer @ Freelance
HA systems in Interxion datacenters. 99.99% uptime.

Open Source Projects

MCP Security Toolkit

Security tools for AI agent infrastructure (Model Context Protocol).

[mcp-firewall] Security firewall for AI agents. 12-stage pipeline, policy engine, Ed25519 signed audit trail, DORA/FINMA/SOC2 compliance reports. pip install mcp-firewall
[mcpwn] Security scanner for MCP servers. 10 vulnerability checks, pre-deployment scanning. pip install mcpwn

Source: [GitHub: mcp-firewall] | [GitHub: mcpwn]

iOS Apps

Educational apps for kids, published on the Apple App Store.

[Uhr Lernen Einfach] Learn to read clocks. 7 game modes, 8 themes, Game Center.
[ABC Lernen] Learn the alphabet. 8 game modes, writing, matching, syllables.
[Pixel Privacy] Blur faces and license plates in photos. 100% offline.
[CraftFace] Turn your selfie into a Minecraft character. 3D preview, 7 outfits.

Education

MAS Information Security | HSLU Lucerne (2016-2022)

Grade: 5.5/6.0 | Thesis: "7-Day SLA - Cyber Security Recovery"

Includes: CAS Information Security Technology, CAS Business Process Engineering, CAS Information Security Management

Certifications (42)

Security & Offensive (9)

CISSP - Certified Information Systems Security Professional (ISC²)
OSEP - OffSec Experienced Penetration Tester
OSWE - OffSec Web Expert
OSCP - OffSec Certified Professional
OSCC - OffSec Certified CyberCore
OSWA - OffSec Web Assessor | OSWP - OffSec Wireless Professional
CRTO - Certified Red Team Operator (Zero-Point Security)
PNPT - Practical Network Penetration Tester (TCM Security)

CompTIA (8)

CySA+ | CNVP | PenTest+ | CSIS
Security+ | Network+ | Server+ | A+

Red Hat (13)

RHCA - Red Hat Certified Architect
RHCE - Red Hat Certified Engineer (RHEL 6, 7, 8)
RHCSA - Red Hat Certified System Administrator (RHEL 6, 7, 9)
Specialist in Containers (EX188V4K)
Specialist in Services Management and Automation (EX358)
Specialist in OpenShift Application Development (EX288)
Specialist in Containers and Kubernetes (EX180)
Specialist in Ansible Best Practices (EX447)
Specialist in Ansible Automation (EX407)

Linux Foundation & LPI (4)

LFCE - Linux Foundation Certified Engineer
LFCS - Linux Foundation Certified SysAdmin
LPI-3 (Exam 304 + 303)

Cloud & IT Service Management (3)

AWS Solutions Architect Associate | AWS Cloud Practitioner
ITIL v3 Foundation (EXIN)

Chef / DevOps (5)

Extending Chef | Certified Chef Developer | Deploying Cookbooks
Local Cookbook Development | Basic Chef Fluency

Publications

Computerworld CH: "So gewinnen Sicherheit und Performance" (March 2019)

Memberships

RIPE NCC (since 2024)
ISSA - Information Systems Security Association (since 2022)
ISSS - Information Security Society Switzerland (since 2015)

Contact

Email: [click to reveal]

LinkedIn: linkedin.com/in/robertressl
GitHub: github.com/ressl
Hack The Box: hackthebox.com/users/271090