Éder Gillian, Developer in Brasília, Brazil
Éder is available for hire
Hire Éder

Éder Gillian

Verified Expert  in Engineering

System Administrator and Software Developer

Location
Brasília, Brazil
Toptal Member Since
May 22, 2022

Éder has 14 years of experience as a system administrator, transitioning into DevOps for the last four years. As a DevOps advocate, he's incited cultural change, bridging the gap between development and operations teams. Éder's built abstraction platforms that assist developers and data scientists in their jobs, led IT support, infrastructure, and security teams, managed critical acquisition projects, and served as chief data officer and senior infrastructure and security manager in past roles.

Portfolio

EEG
Terraform, Terragrunt, Ansible, Amazon S3 (AWS S3), AWS IAM, AWS STS, AWS ELB...
Ministério da Agricultura - MAPA
Management, Apache Airflow, Python 3, Rancher, Kubernetes...
Ministério das Comunicações
Rancher, Kubernetes, Puppet, Foreman, Vault, Terraform, GitLab, GitLab CI/CD...

Experience

Availability

Part-time

Preferred Environment

Puppet, Terraform, Rancher, Kubernetes, GitLab CI/CD

The most amazing...

...team I've led built a company's entire IT infrastructure from the ground up, implementing DevOps culture and practices along the way.

Work Experience

Senior DevOps Engineer

2022 - 2023
EEG
  • Developed and maintained Terraform and Terragrunt modules for cloud infrastructure.
  • Reviewed and improved onboarding documentation and proposed better tooling around the process.
  • Monitored and acted upon incidents of various services and platforms.
  • Performed significant database migration from on-premises to cloud, configuring streaming replication to fulfill compliance requirements.
  • Upgraded the main database from deprecated to supported and up-to-date version, achieving better performance and replacing abandoned extensions in favor of newer and maintained ones.
Technologies: Terraform, Terragrunt, Ansible, Amazon S3 (AWS S3), AWS IAM, AWS STS, AWS ELB, AWS NLB, AWS CLI, Amazon EBS, Amazon EKS, Amazon Elastic Container Registry (ECR), Amazon Virtual Private Cloud (VPC), Amazon EC2, Amazon Web Services (AWS), Amazon RDS, Argo CD, Argo Rollouts, GitHub, GitHub Actions, AWS Vault, AWS Secrets Manager, Docker, Containers, CI/CD Pipelines, Kubernetes, Amazon Elastic Container Service (Amazon ECS), GitOps

Chief Data Officer

2021 - 2022
Ministério da Agricultura - MAPA
  • Implemented and orchestrated a data pipeline for the open data program in the organization using Apache Airflow.
  • Created a staging area to give data analysts and scientists a place to explore data and allow all in the organization to access data to create dashboards and reports using self-service BI.
  • Defined and implemented a new architecture for the containerized applications of the organization, using Rancher to provision on-premises clusters (RKE) and manage cloud clusters (GKE).
Technologies: Management, Apache Airflow, Python 3, Rancher, Kubernetes, Google Kubernetes Engine (GKE), CKAN, PostgreSQL, Oracle, Bash, NGINX, Programming, TCP/IP, Packer, Zabbix, PySpark, Jupyter Notebook, DNS Servers, DHCP, Bash Script, Docker, CI/CD Pipelines, DevOps, Agile, Lean, Kanban, OpenVPN, HashiCorp, Helm, Google Cloud Platform (GCP), Amazon Web Services (AWS), MongoDB, Shell, SQL, Python, Amazon S3 (AWS S3), Linux, Shell Scripting, Ubuntu Server, Ubuntu Linux, Ubuntu, Alpine Linux, Git, Infrastructure as Code (IaC), Containerization, Ansible, Jenkins, Teams, Continuous Integration (CI), GitHub, Visual Studio Code (VS Code), Continuous Deployment, Security, System Administration, Containers, Argo CD, Keycloak, GitOps

Senior Infrastructure and Security Manager

2020 - 2021
Ministério das Comunicações
  • Led IT support, infrastructure, and security teams.
  • Managed critical acquisition projects for infrastructure resources.
  • Implemented a private cloud based on containers (Rancher and Kubernetes).
  • Implemented infrastructure automation projects, such as automated provisioning (Foreman), configuration management (Puppet), secret management (HashiCorp Vault), and Infrastructure as Code (Terraform).
  • Enabled the development team, promoted DevOps culture, and implemented DevOps tools in CI/CD pipelines.
  • Supported architecture design for private and public cloud adoption and containerization of legacy applications.
  • Complete migration of e-mail from an on-premises server to cloud.
  • Guided the defining of policies and norms related to IT and information security.
Technologies: Rancher, Kubernetes, Puppet, Foreman, Vault, Terraform, GitLab, GitLab CI/CD, Azure Active Directory, MS Exchange, Oracle Cloud Infrastructure (OCI), Packer, Elastic, Zabbix, Programming, TCP/IP, OSI Model, VMware vCenter, VMware vSphere, HashiCorp, Bash, NGINX, MySQL, Web Security, Jupyter Notebook, Management, Apache Airflow, Python 3, PostgreSQL, Oracle, DNS Servers, DHCP, Bash Script, Docker, CI/CD Pipelines, DevOps, Agile, Kanban, OpenVPN, MinIO, ELK (Elastic Stack), Apache2, Helm, Network Engineering, Shell, SQL, Python, Amazon S3 (AWS S3), Linux, Shell Scripting, Ubuntu Server, Ubuntu Linux, Ubuntu, Alpine Linux, Git, Infrastructure as Code (IaC), Containerization, Site Reliability Engineering (SRE), Ansible, Microsoft Teams, Continuous Integration (CI), GitHub, Visual Studio Code (VS Code), Continuous Deployment, VPN, Security, Apache, System Administration, Containers, Argo CD, Keycloak, GitOps

System Administrator

2009 - 2020
Instituto de Pesquisa Econômica Aplicada - IPEA
  • Implemented private cloud based on containers (Rancher and Kubernetes).
  • Automated configuration management (Puppet) and virtual infrastructure provisioning (Foreman).
  • Designed and built data pipelines for ETL purposes over big data, using distributed storage and processing technologies (Apache Spark, Apache Kafka, and MinIO).
  • Implemented advanced monitoring and log centralizing tools (Elastic Stack).
  • Monitored and maintained infrastructure and services (Nagios, Cacti, and Zabbix).
  • Implemented a POC for infrastructure self-service platform using a private cloud based on VMs (vOneCloud - OpenNebula).
  • Completed server and network administration, including virtualization (VMWare/vSphere).
Technologies: VMware vCenter, VMware vSphere, Puppet, Foreman, OpenNebula, Nagios, Zabbix, Cacti, Rancher, Kubernetes, Elastic, PySpark, Apache Kafka, Jupyter Notebook, Networking, Programming, TCP/IP, OSI Model, GitLab, GitLab CI/CD, MS Exchange, MinIO, ELK (Elastic Stack), Bash, NGINX, MySQL, Web Security, Python 3, CKAN, PostgreSQL, DNS Servers, DHCP, Bash Script, Docker, CI/CD Pipelines, DevOps, Flask, pfSense, OwnCloud, OpenVPN, Apache2, ModSecurity, Helm, MongoDB, Network Engineering, Shell, SQL, Python, Amazon S3 (AWS S3), Linux, Shell Scripting, Ubuntu Server, Ubuntu Linux, Ubuntu, Ubuntu 16.04, Git, Containerization, Site Reliability Engineering (SRE), WordPress, Jenkins, Continuous Integration (CI), GitHub, Visual Studio Code (VS Code), Continuous Deployment, VPN, Security, Apache, Apache Tomcat, System Administration, Containers, Keycloak

Junior IT Analyst

2009 - 2009
Banco do Brasil
  • Maintained web applications on platforms hosted on IBM mainframe infrastructure.
  • Provided support and maintenance for IBM z/OS operating system (IBM mainframes).
  • Took charge of the manual deployment of web applications hosted on WebSphere Application Server (WAS) through staging and production environments.
Technologies: IBM Mainframe, WebSphere, Zsh, IBM z/OS, Shell, Linux, Shell Scripting

Infrastructure as Code for Oracle OCI

I designed a pipeline for infrastructure as code (IaC) to provision all the required resources on Oracle OCI to host a group of web applications.
There was a specific need for an Oracle database, and getting on-premises licenses was not a viable option. It was decided that Oracle Cloud Infrastructure was the way to go.

From the get-go, as the senior infrastructure manager, I encouraged the developers involved to go for as much automation as possible, so I wrote a proof-of-concept for an IaC pipeline using Terraform that would provision all the resources from the ground up, including some basic tests along the way.

The result was a pipeline that provisions the entire infrastructure, including development, staging, training, and production environments. The code is versioned on GitLab, and every environment has its own long-lived branch. Every push to a branch starts a pipeline that initializes Terraform, validates the code, and saves a plan for the run. After the plan is approved, the changes are deployed to the environment represented by that branch with the click of a button. This pipeline was built using GitLab CI/CD. The Terraform state is saved using Gitlab-Terraform integration.

GiLlab CI/CD Pipeline Integrated with HashiCorp Vault as External Secret Management

This GitLab CI/CD pipeline was designed to remove credentials and other sensitive information from the codebase (and from GitLab CI/CD variables) and consume them from an external secret management tool.
HashiCorp Vault was configured with a JWT authentication back end, using GitLab as JWKS endpoint. Secret information would be read from Vault server by GitLab Runner deployment jobs that would authenticate and have access to specific secret back ends according to the policies set.

Two ways of reading the sensitive information were implemented: Setting environment variables and templating. The last one required a CLI tool to read from Vault and inject the values in the template file (consul-template).

Automated VM Template Generation

https://github.com/edergillian/packer-templates
A pipeline developed to generate VM templates (VMware vSphere templates) for the Foreman and Rancher automated provisioning processes.
The templates were built using HashiCorp Packer, and the code for it was stored in a GitLab repository. The operating system of choice was Ubuntu Linux, contemplating the current LTS version and the one before that (e.g., 20.04 and 18.04). A GitLab CI pipeline was built to automate the whole process, scheduled to run once a week. With this, all templates were reasonably up-to-date with the latest kernel and security updates for each OS version.

Automated Provisioning and Configuration of Virtual Machines

As a system administrator, I provisioned and maintained a large virtualization infrastructure hosted on VMWare vSphere. Everything was done manually, so I decided to start a project to automate those tasks.
At first, every VM (existing or new) had its own manifest written in Puppet DSL and the agent was installed manually. All code was saved in the Puppet server and had no version control.

I upgraded the whole solution: Foreman was used to do end-to-end VM provisioning and monitor Puppet execution in the managed hosts. It was integrated with vCenter for the VM provisioning and other services (DNS and DHCP) to get the network automatically configured. Puppet agent was automatically installed during the provisioning process and took care of the configuration of the whole system based on roles and profiles modules defined in Foreman and Puppet. The entire code was versioned on GitLab and went to production automatically using webhooks. This new way of managing infrastructure and the implementation of a CI/CD pipeline using Jenkins reduced VM provisioning from weeks to minutes, allowing applications to be delivered to production in a much faster and more secure manner.

Flask App for OpenVPN Automated Client Generation

https://github.com/edergillian/auto-cert-gen
We implemented a VPN-based solution for the users to solve the company's transition from an entirely on-site to a fully remote work policy when the COVID-19 pandemic hit. The manual generation of VPN clients was not fast enough, so I developed a Python app using Flask to automate issuing certificates and generating the clients for the users. With this, system administrators were given a simple web UI to provide all the information needed and got back the generated client for VPN connection within a few minutes, as opposed to several minutes of back and forth manual interaction with different tools and environments.
2001 - 2006

Bachelor's Degree in Electrical Engineering

Universidade de Brasília - Brasília, Brazil

AUGUST 2022 - AUGUST 2025

AWS Solutions Architect Associate

Amazon Web Services

JANUARY 2019 - PRESENT

Introduction to Kubernetes

The Linux Foundation

JANUARY 2019 - PRESENT

Introduction to DevOps: Transforming and Improving Operations

The Linux Foundation

JANUARY 2019 - PRESENT

Introduction to Cloud Infrastructure Technologies

The Linux Foundation

JANUARY 2019 - PRESENT

Puppet Practitioner

PuppetLabs

OCTOBER 2017 - PRESENT

GTD Level 2

Call Daniel

JULY 2017 - PRESENT

GTD Level 1

Call Daniel

APRIL 2014 - PRESENT

Puppet Fundamentals

Puppetlabs

Libraries/APIs

PySpark, Terragrunt

Tools

Puppet, GitLab CI/CD, VMware vSphere, Nagios, pfSense, Shell, Apache, Terraform, GitLab, MS Exchange, Packer, Elastic, Zabbix, Cacti, Apache Airflow, OpenVPN, HashiCorp, ELK (Elastic Stack), NGINX, Git, Jenkins, Microsoft Teams, GitHub, VPN, Apache Tomcat, Amazon Virtual Private Cloud (VPC), Vault, Google Kubernetes Engine (GKE), Zsh, Helm, Ansible, AWS IAM, AWS ELB, AWS CLI, Amazon EBS, Amazon EKS, Amazon Elastic Container Registry (ECR), AWS Vault, Amazon Elastic Container Service (Amazon ECS), Keycloak, Amazon Key Management, Amazon Simple Queue Service (SQS), AWS CloudTrail, Amazon CloudWatch, Amazon ElastiCache, AWS Fargate, AWS Step Functions, AWS Glue, AWS Key Management Service (KMS), Amazon Simple Notification Service (Amazon SNS)

Paradigms

Continuous Integration (CI), Continuous Deployment, Management, DevOps, Kanban, Agile, Scrum

Languages

Python 3, Bash Script, Bash, SQL, Python, C, Java

Platforms

Rancher, Apache2, Linux, Ubuntu Linux, Ubuntu, Ubuntu 16.04, Kubernetes, Jupyter Notebook, Docker, Amazon Web Services (AWS), Amazon EC2, Visual Studio Code (VS Code), Oracle Cloud Infrastructure (OCI), OpenNebula, Apache Kafka, CKAN, Oracle, WebSphere, IBM z/OS, Google Cloud Platform (GCP), Alpine Linux, WordPress, AWS STS, AWS NLB, Amazon Linux AMI, AWS ALB, AWS Elastic Beanstalk, AWS Lambda

Storage

PostgreSQL, OwnCloud, MySQL, Azure Active Directory, IBM Mainframe, MongoDB, Amazon S3 (AWS S3), Amazon EFS, Amazon DynamoDB, AWS Elastic File System, AWS Snowball

Frameworks

Flask

Other

Networking, TCP/IP, Foreman, VMware vCenter, CI/CD Pipelines, Ubuntu Server, System Administration, OSI Model, Web Security, DNS Servers, DHCP, Productivity, Time Management, MinIO, ModSecurity, Network Engineering, Shell Scripting, Infrastructure as Code (IaC), Containerization, Teams, Security, Argo CD, Containers, GitOps, Programming, Information Theory, Lean, Minikube, Site Reliability Engineering (SRE), Serverless, Amazon RDS, Argo Rollouts, GitHub Actions, AWS Secrets Manager, Amazon Glacier, Amazon Machine Images (AMI), Amazon Route 53, AWS Transit Gateway, Amazon Kinesis, AWS SSH Keys

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring