Systems Thinker · Systems Architect · Tech & Engineering

Michael
Groberman

I take things apart and put them back together. Systems, software, the occasional firmware.

Now / Active

Building out RedAI’s control plane — a unified LLM gateway routing 8+ local and cloud providers, with per-agent cost attribution, prompt-cache optimization, and air-gapped local inference.

About

Engineering and security research.

12+ years across cloud architecture, application security, and AI/ML engineering.

Currently building a 336-tool autonomous agent platform on Claude/MCP — multi-model consensus, RAG knowledge-graph memory, full cost/latency observability, air-gapped local inference — plus open-source MCP servers and embedded libraries.

Recent independent work credited in CISA federal advisories, covered in SecurityWeek, and coordinated with CERT/CC and Idaho National Laboratory. Member of Anthropic's Cyber Verification Program.

12+
Years engineering
and architecture
10
CVEs published
via CISA / CERT
5
Open-source MCP
& tooling repos
336+
MCP tools
shipped in RedAI
Selected Work

Things I’ve built and shipped.

Show

gr0m_mem +

Open source

Zero-install persistent memory MCP server. Gives Claude and other MCP-compatible agents a durable knowledge layer across sessions. pip install gr0m-mem

MCP Python MIT

mac-mcp +

Open source

Native macOS control for Claude Desktop and other MCP clients. Swift + AppKit + Accessibility + OSAKit. Window management, app focus, file system, screenshots, scripting bridges.

MCP Swift Accessibility

linux-mcp +

Open source

Native Linux control via MCP. 32 typed allow-listed tools covering shell, filesystem, X11/Wayland windowing, processes, and clipboard. Companion to mac-mcp.

MCP Rust X11/Wayland

tailnet-mcu +

Open source

Join an ESP32 or Raspberry Pi Pico W to your Tailscale network over WireGuard. Mutually exclusive Wi-Fi / BLE radio modes, an optional subnet-router tunnel, and a constant-time token-gated service transport — reachable across your tailnet, never the public internet.

Arduino WireGuard Tailscale

claude-dev-hardware +

Open source

A fork of Anthropic's claude-desktop-buddy: ESP32 (M5StickC Plus) firmware that turns a 3D-vector desk pet into a hardware permission remote for Claude Code. WiFi + WireGuard, a multi-transport bridge (serial / BLE / LAN / VPN), and an MCP control surface with GPIO and a single-channel logic analyzer.

ESP32 MCP PlatformIO

vince-client +

Open source

Python client for the CERT/CC VINCE coordinated-disclosure platform. Case management, archiving, and change detection — built during a multi-month coordinated disclosure to keep an auditable local history of every case update.

Python VINCE API CERT/CC

Glasswing & the shorter risk cycle +

Whitepaper · 2026

Co-authored Capco Intelligence piece on Anthropic’s Project Glasswing — AI-accelerated vulnerability discovery and what compressed flaw-to-exploit timelines mean for patching, prioritization, and response in financial services.

Capco AI Security FS Risk
Experience

12 years of engineering across financial services, management consulting, security, and enterprises.

Sep 2025 — Present
Principal Consultant — Capco, Technology & Engineering

Technical PM on an M&A-driven M365 migration (identity, Exchange, SharePoint, Teams) — zero downtime, ~40% cost cut. Architected a serverless M365-native AI pipeline (Azure Functions + Azure AI Search RAG + Copilot Studio) and made internal services ChatGPT-native via Custom GPTs and OpenAPI Actions. Built AI solutions for financial-services clients cutting manual work ~60%. Stood up the engineering lab for MCP/Claude agent development.

M365Azure FunctionsAzure AI SearchCopilot StudioMCPOpenAI Codex
Oct 2024 — Present
Independent Consulting — Security Research & Software Engineering

Conducted full-stack vulnerability research on a consumer IoT ecosystem — firmware, mobile app, cloud API, and administrative endpoints — resulting in a CISA-published federal advisory. Built a legal-automation system for an NJ law firm covering eCourts case monitoring, Clio CRM integration, Google Calendar due-date sync, and automated court-rules compliance. Developing multi-agent AI systems using MCP, Claude API, and custom tool orchestration.

Vulnerability researchCISA/CERTPythonRustMCPClaude API
Aug 2023 — Jul 2024
Change Management Lead — JPMorgan Chase, Wealth Management

Architected M365 solutions (Power Platform, Teams, SharePoint Online) to enhance collaboration and operational scalability within J.P. Morgan Wealth Advisors. Migrated SharePoint sites from legacy environments, improving document organization and advanced search via CAML/KQL. Owned end-to-end design and maintenance of SharePoint Online sites, document libraries, and pages — pioneering data governance and user adoption practices.

SharePoint OnlinePower PlatformCAML/KQLGovernance
Sep 2022 — Aug 2023
Change Management Lead — First Republic Bank, Private Wealth

Re-architected the intranet UX in M365 post-JPMorgan acquisition, refining content management via enterprise meta-attributes and advanced indexing. Oversaw post-acquisition document migration enforcing RASCI-based governance. Built PowerApps with third-party API integrations, centralizing data and aligning with Dynamics 365 to unify the bank’s technology stack.

M365PowerAppsDynamics 365RASCI
Jan 2019 — Mar 2021
Director of Information Technology — Brosnan Risk Consultants

Led application architecture for an ERP platform: front- and back-end enhancements, API integration, data normalization, and secure cloud deployments. Deployed and managed 2,000+ encrypted mobile devices (Android/iOS) under Samsung Knox and IBM MaaS360. Architected a Dynamics 365 ticketing system for 200+ users integrating Azure AD, Power Automate, SQL Server, and AWS Lambda data pipelines.

ERP architectureDynamics 365Samsung KnoxAWS Lambda
Oct 2015 — Dec 2017
Director of Information Technology — Enzo Custom Clothiers

Deployed a web-based operations platform on Salesforce integrating CRM, ERP, and POS with REST APIs to overseas production facilities. Built full Cisco Meraki network infrastructure across retail locations with dual-factor auth, domain whitelisting, and USB access controls.

SalesforceREST APIsCisco Meraki
Sep 2012 — Oct 2015
Senior Manager — C&A Consulting LLC

Designed and installed secure network infrastructures ensuring PCI and FINRA compliance across financial and legal client environments. Provided risk assessments and security guidance, employing MDM, endpoint management, and remote device wiping for sensitive data protection.

PCI/FINRANetwork architectureMDM
    Education & Certifications

    Foundations and continuing credentials.

    Education

    Columbia Engineering Software Development / Full Stack Engineering
    2022
    Bergen County Technical AcademiesEngineering
    2004 — 2008

    Certifications

    GenAI Responsible AI AWS Solutions Architect — Associate Salesforce Administrator Google Analytics Salesforce Developer Cisco / Adobe Academies — Web Development
    Get in touch

    Open to interesting work.

    Engineering, AI platform builds, security research, speaking.

    Email is fastest. Encrypted alternatives on request.

    Email me
    Email michael@groberman.tech
    Signal @gr0m.34 ·
    GitHub @MichaelAdamGroberman LinkedIn michael-adam-groberman