About Antonio Brundo

AI & Blockchain Architect • Offensive Security & DFIR • International Tech Entrepreneur

Experience: 20+ years
Base: Switzerland (TI)
Languages: IT / EN / ES
Focus: Sovereign AI + Tokenization
Security: Red Team + DFIR

Engineer

Entrepreneur

Security-first

Paradiso (TI), Switzerland • NDA-first • Procurement-friendly • Prefer proof over profiles

Selected collaborations: Raiffeisen • Finmeccanica / avionics (Trimprob) • Corel • Finsuiza AG • Cantoni Srl • PanamaHatters.com

No LinkedIn. A living portfolio instead.

Many people ask for my LinkedIn. I don’t use it. I hold a degree in Management Engineering from Politecnico di Milano, and I’m a serial tech entrepreneur. Over the past 20+ years, I’ve built and operated businesses and platforms across cybersecurity, digital assets, and, in recent years, sovereign AI.

On the entrepreneurial side, I’ve launched and scaled ventures ranging from B2B e‑commerce and cross‑border operations to running a Bitcoin mining farm in Paraguay, and I’ve designed blockchain/tokenization solutions for real-world industries. Today my focus is building sovereign AI systems — on‑prem LLM stacks, RAG, and auditable workflows — so platforms are not just innovative, but secure and audit‑ready. What I bring is hands‑on technical execution plus founder‑level judgment: I turn trust, security, and compliance into a real business advantage.

Press kit — copy/paste bio

Use these snippets for introductions, speaker requests, or procurement notes.

One-liner

Antonio Brundo is a Switzerland-based engineer and international entrepreneur who designs and delivers sovereign AI, cyber-resilient infrastructure, and tokenization programs for high-stakes, regulated environments.

For formal verification and references, request the due diligence pack under NDA.

Procurement-ready. Evidence-first.

If you’re evaluating me for a serious engagement, I can provide a due-diligence pack under NDA—so you can validate fit quickly and de-risk the decision.

Due diligence pack (under NDA)

  • Validated references and engagement summaries
  • Entity list, roles, and verification details
  • Sample deliverables: architecture pack, risk register, red-team report format

Security & governance by default

  • Data residency & access boundaries (on-prem/hybrid)
  • Threat modeling, audit trails, and evidence mapping
  • Operational runbooks and incident readiness

Executive rhythm

  • Weekly progress + decision log (what, why, risks)
  • KPIs: quality, latency, security, and cost
  • Clear milestones and ownership (RACI)

Core expertise

A deliberately hybrid profile: I design, code, govern, and secure systems end-to-end—especially in regulated or high-stakes environments.

Target roles: Head of Tokenization • Head of Digital Assets • CTO / Architect (Sovereign AI & Security) • Group CISO / Head of Offensive Security

Sovereign AI & virtual agents

On-prem/hybrid LLM stacks (GPU, inference, vector DB/RAG, observability) and 24/7 voice agents with consent gating and auditable logs.

RWA tokenization & capital structuring

Security/asset token design, SPV architecture (EU/CH/Panama/LatAm), on-chain governance, cash waterfalls, investor rights, and compliant distribution aligned with MiCA/MiFID II, FINMA-style controls, and AML/KYC.

Blockchain & Bitcoin

BTC mining design/operations (Paraguay), ASIC deployment & tuning, energy/cooling optimization; on-chain forensics (fraud/ransomware tracing).

Offensive security & DFIR

Red Team, EDR bypass, threat hunting, malware RE, and memory/disk forensics—an attacker mindset baked into architecture and operations.

Corporate engineering

Cross-border incorporation and governance (CH/AT/DE/EE/UK/ES/PA), board reporting, and regulator-ready execution.

Digital commerce

B2B printing, consumer e-commerce, loyalty networks, and cross-border operations—product + growth + P&L ownership.

Selected achievements

A few highlights that reflect the range: AI infrastructure, regulated tokenization, and real-world operations.

Paraguay RWA program (current focus)

Blueprint for tokenising a real-estate & infrastructure portfolio (~USD 75M CAPEX, 14.39 km², 850+ properties) via a Panama SPV, with EU/CH/LatAm distribution and regulatory mapping (MiCA/FINMA).

Bitcoin mining (Paraguay)

Co-founded and led site design → ASIC deployment → O&M, including electrical layout, rack/cooling optimisation, monitoring, and energy partnerships.

Offensive security leadership

Multi-phase Red Team programs for financial & critical-infrastructure operators; DFIR playbooks and hardening plans delivered to executive stakeholders.

Cross-border execution

Founder/board roles across Switzerland, Austria, Germany, Estonia, UK, Spain, and Panama; hands-on experience across governance, operations, and compliant execution.

Cross-border commodity flows

Built EU-grade supply chains in trade-focused operations: QA, customs processes, and international routing.

Experience snapshot

A few anchor roles that explain how I operate: builder, attacker, and operator.

Founder & AI Architect — AIAgens (2023–Present)

Design and deliver sovereign AI voice agents for regulated use cases: Swiss/EU hosting, consent gating, and immutable audit trails. Full-stack ownership: inference, RAG, orchestration, SLOs, privacy, and security.

Offensive Security & DFIR — Independent (2015–Present)

Red Team engagements (initial access → escalation → lateral movement → exfiltration), EDR bypass, incident response, malware RE, and forensics. Evidence-ready reporting for executives and auditors.

Bitcoin Mining Farm — Operations Lead (Paraguay, 2018–2020)

From electrical design to ASIC deployment and O&M: monitoring, cooling, efficiency tuning, procurement, and local operations.

Case studies (anonymized)

Representative engagements. Names are anonymized; details and evidence can be shared under NDA.

Project Sovereignty — European fintech

Time: Pilot in 4–6 weeks
Risk: Data residency + audit controls
Cost: ~40% 3-year TCO (modelled)

Challenge

Deploy a custom LLM for sensitive internal analysis under strict data residency and regulatory constraints (cloud AI not allowed).

Solution

On-prem GPU stack + secure MLOps, fine-tuning, access boundaries, audit logs, and governance controls.

Outcome

Full data sovereignty and auditability; TCO analysis indicated ~40% lower projected 3-year cost versus cloud alternatives.

TCO turnaround — biotech research

Time: Breakeven ~9 months (modelled)
Risk: Critical IP stays in-house
Cost: ~65% OpEx reduction (modelled)

Challenge

Cloud AI spend was escalating fast—threatening runway and making performance unpredictable.

Solution

Rigorous TCO/ROI model + migration plan to a dedicated GPU cluster; optimized scheduling, observability, and runbooks.

Outcome

~65% OpEx reduction on AI processing while keeping critical IP in-house with measurable KPIs.

Adversarial audit — global logistics

Time: Assessment: 2–3 weeks
Risk: High-impact vulns closed
Cost: Lower incident exposure

Challenge

An AI routing system raised security concerns: infrastructure misconfigurations and emerging adversarial-AI risks.

Solution

Red Team-style assessment across Kubernetes and the MLOps pipeline; hardening plan with incident readiness and evidence mapping.

Outcome

Closed high-impact vulnerabilities and established monitoring and controls that hold up in audits.

If you need the full reports for procurement, I can share them under NDA.

Technical stack

A practical toolbox for shipping and operating secure systems.

Programming

  • Python
  • Go
  • C/C++
  • Assembly (x86/ARM)
  • Bash / PowerShell
  • Java / Pascal

AI & data

  • On-prem LLM serving (GPU inference)
  • Vector DB / RAG
  • Tracing & observability
  • Fine-tuning (LoRA/QLoRA patterns)
  • Cost & performance modeling (TCO)

Security & DFIR

  • IDA Pro / Frida
  • Memory & disk forensics
  • Threat hunting + SIEM/log analytics
  • OSINT frameworks
  • Custom exploit tooling

Blockchain & infrastructure

  • Bitcoin protocol + wallet ops
  • On-chain analytics / investigations
  • Tokenization architecture & controls
  • Linux hardening
  • Docker / Kubernetes

Governance & entities

Selected founder/board roles across jurisdictions. Full list and verification details available under NDA.

Exatoshi AG (CH) • Founder & Sole Board Member • 2014–Present

Swiss hub for trading and digital-asset initiatives; governance, risk management, and cross-border operations.

Fincredit Swiss SA (CH) • Co-Founder & Board Member • 2015–Present

Swiss financial institution (share capital CHF 250k); support on crypto-mining strategy, credit models, and digital-asset integration.

BCE Online OÜ (EE) • Founder & Board Member • 2017–Present

B2B online printing platform for EU/UK agencies (PVC business cards & corporate print).

Cityguru GmbH (AT) • Managing Director • 2017–Present

City-card/loyalty programs (NFC/QR) and merchant networks in tourism/retail; full P&L and tech oversight.

BCE‑ONLINE Ltd (UK) • Director / PSC • various since 2012

Vehicles for IT consulting, software, online printing, and marketing; integrated with group holdings for finance and distribution.

Miracoal GmbH (DE) • Founder & Managing Director • 2011–2013

Trading and EU import channels for charcoal/BBQ products; supply chain execution and wind-down governance.

MRS Worldwide Financial Inc. (PA) • Founder & Officer roles • 2015–2016

Panamanian corporation used for finance and trade execution; governance, filings, and cross-border routing.

Corporate footprint & verification

If you’re doing due diligence, this is the executive snapshot: jurisdictions, entities, and what can be verified—under NDA where needed.

Jurisdictions

CH • AT • EE • UK • ES • DE • PA (selected)

Entity snapshot

Examples include Exatoshi AG, Fincredit Swiss SA, BCE Online OÜ, and Cityguru GmbH. Full list and verification details are shared under NDA.

What you can request (under NDA)

  • Registry extracts and role verification (where available)
  • Engagement summaries and sample deliverables
  • Reference calls (when permissible)

For an introduction email or speaker bio, use the press kit snippets above.

Selected collaborations

A public-safe snapshot of organizations and sectors I supported across security, incident readiness, and regulated digital assets. Deeper details available under NDA.

Security & critical infrastructure

  • Raiffeisen — security workstreams (offensive testing and DFIR readiness).
  • Finmeccanica / avionics — security-by-design support for high-assurance environments.

Enterprise software & platforms

  • Corel — security and architecture support (details under NDA).
  • Finsuiza AG — digital assets and security architecture (governance + risk).
  • Cantoni Srl — industrial AI agents for manufacturing operations.
    • Production-support agent for injection molding: plant/project-aware guidance using the customer code.
    • Sales agent: qualification, product Q&A, and lead handoff.
    • Receptionist agent: welcomes visitors and routes requests with the right context.
    • Fine-tuned mold-design assistant: ~2-month tuning cycle using transformed legacy designs and projects.
    Delivered with data governance and access boundaries; details and evidence available under NDA.

Digital assets & exchanges

  • Exchange initiatives (San Marino) — architecture, compliance mapping, and custody controls.
  • Collaboration with Chinese companies — procurement, integration, and operational hardening (details under NDA).
  • Additional exchange and regulated-asset initiatives are available on request under NDA.

Brands & cross-border operations

  • PanamaHatters.com — brand and e-commerce collaboration (details under NDA).
  • Additional brand and commerce initiatives are available under NDA.

If you need formal references for procurement, I can share a validated list under NDA.

A 360° path — from product to critical systems

My background is deliberately broad: engineering + entrepreneurship + adversarial security + regulated digital assets. It keeps my work grounded in operations and economic reality.

2007 — Engineering foundation (Politecnico di Milano)

MSc-equivalent in Management Engineering (110/110) with eBusiness & ICT specialization: optimization, financial modeling, governance, and risk management applied to technology decisions.

2010s — Entrepreneurship across markets

From digital commerce to cross-border operations, supply chains, and corporate structuring. This is where I learned execution, governance, and building under real constraints (people, logistics, compliance, P&L).

2015–Present — Offensive security & DFIR

Red teaming (initial access → escalation → lateral movement → exfiltration), incident response, forensics, and responsible disclosure. The attacker mindset informs every architecture I design.

2018–2020 — Bitcoin mining operations (Paraguay)

Co-founded a Bitcoin mining farm and led hands-on operations: site design, ASIC deployment, monitoring, and efficiency work.

2023–Present — Sovereign AI systems & agents

On-prem LLM stacks, RAG, and auditable workflows—with voice agents, consent gating, governance, and incident-ready logs for regulated environments.

Selected projects

A mix of public projects and NDA work. For due diligence, I can share more under NDA (references, entity list, and verification details).

HyperAgent • Focus

Agentic AI systems and tooling for real-world workflows.

AIAgens • Lab

Sovereign AI voice agents for regulated use-cases (Swiss/EU hosting, auditable logs). End-to-end stack ownership: inference, RAG, orchestration, SLOs, privacy, and security controls.

Industrial AI Agents (Manufacturing) • Deployment

Agent suite for manufacturing: production support (injection molding), sales, receptionist routing, and a fine-tuned mold-design assistant. Delivered under NDA.

Sovereign AI Knowledge Assistant • Blueprint

Reference pattern for internal knowledge assistants: access control, retrieval governance, citations, audit logs, and observability.

LLM Guardrails & Observability Toolkit • Tool

Testing and monitoring for agentic systems: scenario-based evaluations, tracing, policy enforcement, and incident-ready logs.

RWA Tokenization Program (Paraguay) • Focus

Tokenization blueprint for a real-estate and infrastructure portfolio: SPV structure, investor rights, governance, and embedded compliance (MiCA/FINMA).

Exchange Initiatives (San Marino) • Blueprint

Architecture and compliance design for regulated digital-asset exchange initiatives: custody controls, audit trails, and evidence-ready governance.

Compliance Mapper • Tool

A practical GDPR/NIS2/AI Act mapping tool: obligations, owners, evidence pack, and an actionable roadmap.

TCO Calculator • Tool

Sizing and unit economics to compare cloud vs on-prem/hybrid: cost drivers, break-even, and capacity assumptions.

Reference Architecture • Blueprint

A decision-ready, interactive architecture for sovereign AI: security boundaries, observability, and rollout sequencing.

CityGuru • Venture

A venture spanning restaurant discovery/reservations and city-card loyalty programs (NFC/QR) for tourism and retail.

BCE Online • Platform

B2B online printing platform (EU/UK agencies) with operational ownership and continuous delivery.

LadyMary • Brand

Consumer brand: e-commerce, distribution, and growth experiments across channels.

PanamaHatters.com • Brand

Brand building and cross-border e-commerce operations.

Biofood & Charcoal d.o.o. • Operations

International operations and trade-focused execution across supply chains.

Bitcoin Mining Farm (Paraguay) • Operations

From electrical design to ASIC deployment and O&M: monitoring, efficiency, cooling, and uptime operations.

Some work is confidential (especially in critical sectors). I’m happy to share a private list of references under NDA.

Domains I operate in

I keep a wide surface area on purpose. It helps me design systems that are technically strong and economically real.

AI systems • Cybersecurity • Cloud & on-prem • SRE/MLOps • Observability • Data governance • Economics • Blockchain

How we can work together

A clear, outcome-driven path: start with clarity, then ship, then harden to production.

Step 1

Assessment

Map scope, constraints, risks, and the executable roadmap (owners, milestones, evidence).

  • Architecture options + decision record
  • Risk register + threat model
  • Roadmap with owners, milestones, and evidence

Step 2

Pilot

Ship a scoped use case with measurable KPIs: quality, latency, security, and cost.

  • Measurable KPIs + test plan
  • Security controls + audit logs
  • Cost model (cloud vs on-prem/hybrid)

Step 3

Production

Harden, scale, and operate with SLOs, observability, compliance evidence, and runbooks.

  • SLOs + observability (metrics, logs, traces)
  • Runbooks + incident readiness
  • Evidence pack for audits and procurement

If you need a trusted operator, start here.

Share your context (stakeholders, constraints, timeline). I reply with a concrete next step and what I need to validate feasibility.

EU-based • NDA-first • Reply within 24h