Gustavo is available for hire
Hire GustavoGustavo Adolfo Valverde De Soto
Verified Expert in Engineering
Solution Architect and Developer
Location
Lisbon, Portugal
Toptal Member Since
December 4, 2021
Gustavo is a solution-driven and highly proactive ITC professional used to working with fast-paced teams from the Big Four and startups. He has over six years of experience working on infosec, IT audits, BCP, solutions architecture, DevOps, and product management. Throughout his career, Gustavo designed DRPs for financial institutions, leveraged DevOps in several startups, supported critical infrastructure for SaaS solutions, and led the development of countrywide digital products.
Portfolio
Zcash Foundation
GitHub, GitHub Actions, Rust, Docker, Google Cloud Platform (GCP), Google Cloud...
Indexa Inc
Cloud Architecture, Docker, GitHub Actions, Serverless Architecture...
Colgate-Palmolive
Containerization, Kubernetes, Google Cloud Platform (GCP), GitHub...
Experience
Availability
Part-time
Preferred Environment
Kubernetes, Google Cloud Platform (GCP), Odoo, Docker, GitHub Actions, Bash, DevOps, Solution Architecture, Cloud Architecture, Information Security
The most amazing...
...project I've worked on was the fast-paced countrywide implementation of software and infrastructure to tackle logistics and vaccination needs for COVID-19.
Work Experience
DevOps Engineer
2021 - PRESENT
Zcash Foundation
- Supported the engineering team by maintaining and optimizing the development and release infrastructure.
- Refactored the whole CI/CD pipelines to have better integration tests, reduced build times by 200%, and automated all actions which required a recurring manual intervention.
- Implemented a queueing system for pull requests to have more throughput and merge automation, saving the core engineering team over eight hours weekly of PRs review, update and merge fixes.
Technologies: GitHub, GitHub Actions, Rust, Docker, Google Cloud Platform (GCP), Google Cloud, Git, Software Development Lifecycle (SDLC), Google Compute Engine (GCE), CI/CD Pipelines, Bash Script, Scripting, Blockchain, Containerization, Architecture, Cloud Security, Agile DevOps, IT Project Management, DevSecOps, Cloud Computing, DevOps Engineer, Unit Testing, Load Balancers, Security, IT Support, Google Cloud SQL, SQL, IT Systems Engineering, VPC, Firebase, Single Sign-on (SSO), Auth
Co-founder
2020 - PRESENT
Indexa Inc
- Led and supported the transformation of work procedures to create market-leading products. This involved embedding Agile work practices and the concept of autonomous delivery teams.
- Assisted the development team in creating the overall product architecture, maximizing the reuse of standard components to develop cost-efficient solutions, and leveraging serverless technology.
- Managed the creation of the first API-driven e-invoicing system in the country, using microservices and serverless architecture with an on-demand subscription based on consumption.
- Supported the creation of the first developer portal providing identity information for companies and individuals, IRS invoicing system validation, multi-bank currencies, and fuel prices.
Technologies: Cloud Architecture, Docker, GitHub Actions, Serverless Architecture, Microservices Architecture, Product Development, GitOps, Autoscaling, Serverless, CI/CD Pipelines, Linux, Communication, Amazon Web Services (AWS), Scripting, Architecture, PostgreSQL, Leadership, System Administration, Cloud Security, Google Cloud, Deployment, Continuous Delivery (CD), Continuous Integration (CI), Databases, IT Deployments, Integration, IT Security, Application Architecture, Infrastructure, Cloud Infrastructure, Agile DevOps, Project Management, IT Projects, IT Project Management, Cloud Computing, DevOps Engineer, Unit Testing, Load Balancers, Networks, Security, Google Cloud Functions, Google Cloud SQL, SQL, Cloudflare, Redis, Configuration Management, Git, IT Systems Engineering, Google Compute Engine (GCE), VPC
Enterprise DevOps Engineer
2022 - 2023
Colgate-Palmolive
- Developed all the pipelines for front-end and back-end applications, with specific configurations for each tier, specifically development, staging, and production.
- Implemented auto-scaling down to zero (0) to save infrastructure costs with task-based services using Celery, RabbitMQ, and KEDA on Kubernetes.
- Refactored how the team handled their workflows, using reusable workflows in GitHub Actions and deployment environments.
- Created complex networking policies for Kubernetes to isolate traffic to and between services as much as possible, reducing the attack vector.
Technologies: Containerization, Kubernetes, Google Cloud Platform (GCP), GitHub, CI/CD Pipelines, Docker, Python, Django, Vault, Gigya, Okta, Celery, Google Cloud SQL, Database Performance, SQL, Redis, Git, IT Systems Engineering, Google Compute Engine (GCE), Google BigQuery, VPC, Back-end Performance
DevOps Engineer
2022 - 2022
The Pool TV Sarl
- Designed a serverless architecture in Google Cloud Platform using Terraform and Google's best practices based on FAST.
- Automated the whole software development lifecycle (SDLC) from development, testing, QA, and deployment to production.
- Configured the whole CI/CD pipelines using GitHub Actions to automate deployments using Google Cloud Run. Securing the deployments via Workload Identity Federation.
Technologies: Docker, PostgreSQL, Google Cloud Platform (GCP), Google Cloud, React, Containerization, Containers, Terraform, Serverless, Serverless Architecture, CI/CD Pipelines, Startups, DevOps, Software Development Lifecycle (SDLC), Git, GitHub, GitHub Actions, Agile DevOps, IT Projects, DevSecOps, Cloud Computing, DevOps Engineer, Unit Testing, Node.js, Load Balancers, Security, Google Cloud SQL, SQL, Cloudflare, Redis, IT Systems Engineering, Google Compute Engine (GCE), VPC, Firebase
Government Digital Architecture Department Advisor
2020 - 2022
Oficina Gubernamental de Tecnologías de la Información (OGITC)
- Led the design and implementation of the COVID-19 logistics solution and satellite APIs needed to secure citizens' information through the whole vaccination process.
- Defined the tools and standards to interoperate between institutions. Also developed the government standards on APIs, which required implementing tools like Gluu Server, Gravitee.io API Management, and X-Road.
- Oversaw a team of software engineers, product owners, and UX designers, supporting the definition, strategy, and creation of digital products while leveraging a DevOps culture.
Technologies: Cloud Architecture, DevOps, Agile, Kubernetes, Google Cloud Platform (GCP), GitOps, Infrastructure as Code (IaC), Autoscaling, Consulting, IT Consulting, Serverless, CI/CD Pipelines, Linux, Communication, Azure, Amazon Web Services (AWS), Scripting, Helm, Architecture, PostgreSQL, Leadership, System Administration, Cloud Security, GitLab CI/CD, Google Cloud, Deployment, Continuous Delivery (CD), Continuous Integration (CI), Databases, IT Deployments, Integration, IT Security, Data Analysis, Amazon EC2, Application Architecture, Infrastructure, Cloud Infrastructure, PHP, Laravel, MySQL, Agile DevOps, Project Management, IT Projects, IT Project Management, DevSecOps, Identity & Access Management (IAM), Cloud Computing, DevOps Engineer, Unit Testing, Node.js, GraphQL, Load Balancers, Networks, Security, IT Support, Google Cloud Functions, Google Cloud SQL, Database Performance, SQL, Cloudflare, Redis, Configuration Management, Git, IT Systems Engineering, Google Compute Engine (GCE), Google BigQuery, VPC, Single Sign-on (SSO)
Co-founder
2017 - 2021
iterativo LLC
- Coordinated the efforts needed to bring together the main parties involved in the accounting systems definition. Also developed a standardized chart of accounts to be used countrywide in an open-source ERP.
- Developed the localization for the Dominican Republic, which included CoA, taxes computation, fiscal sequences, fiscal invoicing emission, payroll requirements automation, and third-party integrations.
- Grew the company team from one consultant and one software engineer to over 30 employees, distributed through the financial, customer support, research and development, consultancy, and operations departments.
- Guided the company to become the leading Odoo ERP partner in its region through the successful implementation of over 60 clients.
Technologies: DevOps, Python, APIs, Kubernetes, Google Cloud Platform (GCP), Tax Accounting, GitOps, Infrastructure as Code (IaC), Autoscaling, Consulting, IT Consulting, Serverless, CI/CD Pipelines, Linux, Communication, Amazon Web Services (AWS), Scripting, Helm, Architecture, PostgreSQL, Leadership, System Administration, Cloud Security, Google Cloud, GitLab, Ansible, Deployment, Continuous Delivery (CD), Continuous Integration (CI), Databases, IT Deployments, Integration, IT Security, Amazon EC2, Infrastructure, Cloud Infrastructure, Agile DevOps, Project Management, IT Projects, IT Project Management, Cloud Computing, DevOps Engineer, Unit Testing, Load Balancers, Networks, Security, Google Cloud Functions, Google Cloud SQL, Database Performance, SQL, Cloudflare, GAP Analysis, Configuration Management, Git, IT Systems Engineering, Google Compute Engine (GCE), VPC, Back-end Performance
Information Security Teacher
2013 - 2021
Instituto Tecnológico de Las Américas
- Facilitated, guided, and motivated students in their learning process on information security, promoting student participation, research, and peer learning.
- Prompted learning through real scenarios exploration, building Hack Labs with virtual machines and proposing more game-based homework.
- Designed educational content and developed technical labs for students to practice with real use cases.
Technologies: Web Security, Information Security, Information Security Management Systems (ISMS), Ethical Hacking, Linux, Communication, Scripting, Leadership, Cloud Security, Google Cloud, Databases, IT Security, Infrastructure, Networks, Security, SQL, IT Systems Engineering
Enterprise Risk Services Manager
2015 - 2017
Deloitte
- Led Deloitte's cyber risk and IT risk services in the country. Managed a team in charge of implementing cybersecurity, IT internal audit, BCP, and DRP projects.
- Executed several BCP and DRP advisories for the financial services industry, including developing BIA, risk assessments, and business continuity plans. Led all local IT internal audits and ethical hacking projects.
- Identified security breaches in regular operations, made recommendations, and proposed security controls and alternatives to comply with general security standards and other security-related methodologies.
Technologies: Cloud Architecture, Business Consulting, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Linux, Communication, Architecture, PostgreSQL, Leadership, Cloud Security, Ansible, Deployment, IT Security, Data Analysis, Project Management, IT Projects, IT Project Management, Identity & Access Management (IAM), Load Balancers, Security, SQL, GAP Analysis, Git, IT Systems Engineering, SOC 2
Information Technology Project Consultant
2013 - 2014
Concentra
- Led the implementation of multiple ITIL management practices in the banking industry, including portfolio management, supplier management, incident and problem management, and service desk.
- Handled the proper and successful implementation and on-time delivery of different IT projects.
- Oversaw IT processes automation through process definition, diagramming, and implementation of IT service desks.
Technologies: ITIL 4, IT Services, IT Service Management (ITSM), Business Consulting, Process Flows, System Implementation, Process Automation, Linux, Communication, Architecture, Leadership, System Administration, Cloud Security, Deployment, IT Deployments, Integration, IT Security, Data Analysis, Application Architecture, Infrastructure, Cloud Infrastructure, Project Management, IT Projects, IT Project Management, Networks, Security, IT Support, SQL, CentOS, GAP Analysis, Git, IT Systems Engineering, SOC 2
Enterprise Risk Services Consultant
2012 - 2013
Deloitte
- Led major information systems audits, IT advisory projects, the development of disaster recovery plans, and the resolution of complex business issues. Interacted with diverse audiences and mentored less senior staff.
- Prepared formal reports with the results of information system audits and special projects for distribution to the executive management team and the board of directors' audit committee.
- Handled the evaluation of internal control environments and computing environments and architectures, using CAAT applications like ACL, SQL, MS Access, or MS Excel for data extraction and manipulation.
Technologies: Business Consulting, Disaster Recovery Plans (DRP), Business Continuity, ISO 22301, ISO 27001, IT Services, Process Flows, Business Continuity Planning (BCP), Consulting, IT Consulting, Linux, Communication, Leadership, Cloud Security, Deployment, IT Security, Data Analysis, Project Management, IT Projects, IT Project Management, Networks, Security, IT Support, SQL, CentOS, GAP Analysis, IT Systems Engineering, Back-end Performance, SOC 2
Information Security Officer
2010 - 2012
Instituto Tecnológico de Las Américas
- Handled network protection, risk assessment, vulnerability assessment, pen testing, information security policies creation and development, clients, and server hardening.
- Raised employees' awareness about IT security issues and social engineering. Also developed IT security policies for the organization.
- Volunteered as secretary for the Interinstitutional Commission against High Technology Crimes (CICDAT, in Spanish).
Technologies: Information Security Management Systems (ISMS), Information Security, Ethical Hacking, Web Security, Information Systems, Networking, Linux, System Administration, Cloud Security, Deployment, IT Security, Project Management, IT Projects, Networks, Security, IT Support, IT Systems Engineering, SOC 2
Experience
Blockchain Nodes CI/CD automation
https://github.com/ZcashFoundation/zebraI refactored the pipeline structures for Zebra, a Rust-based Zcash Node.js reimplementation, using GitHub Actions and Google Cloud Platform as core technologies to automate the entire CI/CD. This helped the core engineering team focus on development, ensuring bugs were not merged into the main system while the queuing system was also implemented.
Build times were reduced from three hours to 50 minutes without cache and five seconds with cache, improving the merging speed by more than 300% when combined with the automated queue and merging system.
Build times were reduced from three hours to 50 minutes without cache and five seconds with cache, improving the merging speed by more than 300% when combined with the automated queue and merging system.
Countrywide COVID-19 Logistics Solution
https://cloud.google.com/customers/ogticLed the fast-paced countrywide implementation of the software and infrastructure to tackle the logistics and vaccination needs for COVID-19 using Odoo framework and Google Cloud Platform with Kubernetes to accomplish a fast and automated solution.
Transition a business infrastructure from Proxmox to GCP (using GKE)
This project required taking a whole infrastructure, which had two years working in OVH using Proxmox with ZFS and automatic service discovery (Nginx with DNS) and over 100+ LXC servers, each with their application (Odoo) and database (PostgreSQL).
This scenario was causing an exponential overhead when the application had to be updated, as each server needed manual maintenance, with a 6+ hours maintenance window.
The first step to solving this was to accomplish a more stable and standardized solution. Dockerizing the application assured having a base image known by the sysadmins and developers, which could be used in multiple environments (development, staging, and production). This image was open-sourced to be used by the global Odoo community.
As this project required a more "explicit" infrastructure definition, Kubernetes was the chosen tool to which to migrate. The infrastructure was deployed with automated SSL certificates, Istio, and Envoy for networking, observability, networking, and special configurations for caching and faster TTFB. Some clients had web pages that needed low response times for SEO.
This scenario was causing an exponential overhead when the application had to be updated, as each server needed manual maintenance, with a 6+ hours maintenance window.
The first step to solving this was to accomplish a more stable and standardized solution. Dockerizing the application assured having a base image known by the sysadmins and developers, which could be used in multiple environments (development, staging, and production). This image was open-sourced to be used by the global Odoo community.
As this project required a more "explicit" infrastructure definition, Kubernetes was the chosen tool to which to migrate. The infrastructure was deployed with automated SSL certificates, Istio, and Envoy for networking, observability, networking, and special configurations for caching and faster TTFB. Some clients had web pages that needed low response times for SEO.
Software Development Life Cycle (SDLC) Automation
https://github.com/opticrdThis client had to wait for months to visualize the work, even if it was a WIP, as the development team had to provision servers and do time-consuming tasks, which led to needless delays.
Continuous integration and continuous delivery led to the inclusion of DevOps practices in the institution, guiding the team with Docker use and Dockerfile best practices, pipeline design with Github Actions, solutions architecture, and code standardization, linters, pre-committers, security scanners, etc. The development lifecycle was supported by Cloud Run on most products, from building development instances before merging to master, generating staging instances as a pre-production stage, and deploying to production using Github Releases, all fully adapted to the team size, actual knowledge, and capacity.
Deliveries are now being done under four weeks, and tech leads can see and test the front end, back ends, APIs, etc., as soon as the developer working on the system, or a new feature, makes a PR to a main/master branch, creating a mirrored environment (platform) from production.
Continuous integration and continuous delivery led to the inclusion of DevOps practices in the institution, guiding the team with Docker use and Dockerfile best practices, pipeline design with Github Actions, solutions architecture, and code standardization, linters, pre-committers, security scanners, etc. The development lifecycle was supported by Cloud Run on most products, from building development instances before merging to master, generating staging instances as a pre-production stage, and deploying to production using Github Releases, all fully adapted to the team size, actual knowledge, and capacity.
Deliveries are now being done under four weeks, and tech leads can see and test the front end, back ends, APIs, etc., as soon as the developer working on the system, or a new feature, makes a PR to a main/master branch, creating a mirrored environment (platform) from production.
Skills
Languages
Bash, Bash Script, Python, SQL, JavaScript, Rust, PHP, GraphQL, TypeScript
Tools
Odoo, GitHub, Git, Google Compute Engine (GCE), Google Kubernetes Engine (GKE), Terraform, GitLab CI/CD, GitLab, Ansible, CircleCI, Sentry, Helm, SonarQube, Vault, Celery, Prisma
Paradigms
DevOps, Agile, Continuous Delivery (CD), Continuous Integration (CI), DevSecOps, Serverless Architecture, Microservices Architecture, Application Architecture, Unit Testing, Azure DevOps
Platforms
Google Cloud Platform (GCP), Docker, Linux, Kubernetes, Google Cloud Engine, Amazon Web Services (AWS), Blockchain, Firebase, Azure, Proxmox, Ethereum, Amazon EC2, CentOS
Storage
Google Cloud, Databases, PostgreSQL, Google Cloud SQL, Database Performance, OVH, MySQL, Redis
Industry Expertise
Project Management, IT Security, Security
Other
GitHub Actions, Solution Architecture, Information Systems, Business Consulting, System Implementation, Enterprise Resource Planning (ERP), GitOps, Consulting, IT Consulting, Serverless, CI/CD Pipelines, Communication, Scripting, Architecture, Leadership, System Administration, Deployment, IT Deployments, Containerization, Infrastructure, Cloud Infrastructure, Agile DevOps, IT Projects, IT Project Management, Cloud Computing, DevOps Engineer, Load Balancers, GAP Analysis, IT Systems Engineering, VPC, Cloud Architecture, Information Security, Development, Networking, IT Automation, Product Development, APIs, Business Continuity Planning (BCP), Process Automation, Business Continuity, DNS, Infrastructure as Code (IaC), Autoscaling, Cloud Security, Integration, Data Analysis, Networks, IT Support, Cloudflare, Back-end Performance, Single Sign-on (SSO), Tax Accounting, Disaster Recovery Plans (DRP), ISO 22301, Information Security Management Systems (ISMS), ISO 27001, IT Service Management (ITSM), IT Services, Process Flows, Certified Ethical Hacker (CEH), Web Security, Ethical Hacking, ITIL 4, Cloud Migration, System Migration, Functions, Authentication, Knative, Site Reliability Engineering (SRE), Containers, Startups, Software Development Lifecycle (SDLC), Identity & Access Management (IAM), Okta, Google Cloud Functions, Configuration Management, Google BigQuery, SOC 2
Libraries/APIs
Auth, React, Node.js, Gigya
Frameworks
Laravel, Django
Education
2007 - 2011
Bachelor's Degree in Information Technology
UNIBE | Universad Iberoamericana - Santo Domingo, Dominican Republic
Certifications
JULY 2019 - PRESENT
Architecting with Google Kubernetes Engine Specialization
Coursera
MAY 2019 - PRESENT
Odoo v12 Certified Consultant
Odoo
SEPTEMBER 2016 - PRESENT
ISO 22301:2013 Lead Implementer
PECB
JUNE 2016 - PRESENT
ISO 27001:2013 Lead Auditor
PECB
FEBRUARY 2014 - PRESENT
ITIL® Foundation Certificate in IT Service Management
EXIN
JANUARY 2012 - PRESENT
Ethical Hacking and Countermeasures
EC-Council | via Udemy