
Gustavo Adolfo Valverde De Soto
Verified Expert in Engineering
Solution Architect and Developer
Gustavo is a solution-driven and highly proactive ITC professional used to working with fast-paced teams from the Big Four and startups. He has over six years of experience working on infosec, IT audits, BCP, solutions architecture, DevOps, and product management. Throughout his career, Gustavo designed DRPs for financial institutions, leveraged DevOps in several startups, supported critical infrastructure for SaaS solutions, and led the development of countrywide digital products.
Portfolio
Experience
Availability
Preferred Environment
Kubernetes, Google Cloud Platform (GCP), Odoo, Docker, GitHub Actions, Bash, DevOps, Solution Architecture, Cloud Architecture, Information Security
The most amazing...
...project I've worked on was the fast-paced countrywide implementation of software and infrastructure to tackle logistics and vaccination needs for COVID-19.
Work Experience
DevOps Engineer
Zcash Foundation
- Supported the engineering team by maintaining and optimizing the development and release infrastructure.
- Refactored the whole CI/CD pipelines to have better integration tests, reduced build times by 200%, and automated all actions which required a recurring manual intervention.
- Implemented a queueing system for pull requests to have more throughput and merge automation, saving the core engineering team over eight hours weekly of PRs review, update and merge fixes.
Co-founder
Indexa Inc
- Led and supported the transformation of work procedures to create market-leading products. This involved embedding Agile work practices and the concept of autonomous delivery teams.
- Assisted the development team in creating the overall product architecture, maximizing the reuse of standard components to develop cost-efficient solutions, and leveraging serverless technology.
- Managed the creation of the first API-driven e-invoicing system in the country, using microservices and serverless architecture with an on-demand subscription based on consumption.
- Supported the creation of the first developer portal providing identity information for companies and individuals, IRS invoicing system validation, multi-bank currencies, and fuel prices.
Enterprise DevOps Engineer
Colgate-Palmolive
- Developed all the pipelines for front-end and back-end applications, with specific configurations for each tier, specifically development, staging, and production.
- Implemented auto-scaling down to zero (0) to save infrastructure costs with task-based services using Celery, RabbitMQ, and KEDA on Kubernetes.
- Refactored how the team handled their workflows, using reusable workflows in GitHub Actions and deployment environments.
- Created complex networking policies for Kubernetes to isolate traffic to and between services as much as possible, reducing the attack vector.
DevOps Engineer
The Pool TV Sarl
- Designed a serverless architecture in Google Cloud Platform using Terraform and Google's best practices based on FAST.
- Automated the whole software development lifecycle (SDLC) from development, testing, QA, and deployment to production.
- Configured the whole CI/CD pipelines using GitHub Actions to automate deployments using Google Cloud Run. Securing the deployments via Workload Identity Federation.
Government Digital Architecture Department Advisor
Oficina Gubernamental de Tecnologías de la Información (OGITC)
- Led the design and implementation of the COVID-19 logistics solution and satellite APIs needed to secure citizens' information through the whole vaccination process.
- Defined the tools and standards to interoperate between institutions. Also developed the government standards on APIs, which required implementing tools like Gluu Server, Gravitee.io API Management, and X-Road.
- Oversaw a team of software engineers, product owners, and UX designers, supporting the definition, strategy, and creation of digital products while leveraging a DevOps culture.
Co-founder
iterativo LLC
- Coordinated the efforts needed to bring together the main parties involved in the accounting systems definition. Also developed a standardized chart of accounts to be used countrywide in an open-source ERP.
- Developed the localization for the Dominican Republic, which included CoA, taxes computation, fiscal sequences, fiscal invoicing emission, payroll requirements automation, and third-party integrations.
- Grew the company team from one consultant and one software engineer to over 30 employees, distributed through the financial, customer support, research and development, consultancy, and operations departments.
- Guided the company to become the leading Odoo ERP partner in its region through the successful implementation of over 60 clients.
Information Security Teacher
Instituto Tecnológico de Las Américas
- Facilitated, guided, and motivated students in their learning process on information security, promoting student participation, research, and peer learning.
- Prompted learning through real scenarios exploration, building Hack Labs with virtual machines and proposing more game-based homework.
- Designed educational content and developed technical labs for students to practice with real use cases.
Enterprise Risk Services Manager
Deloitte
- Led Deloitte's cyber risk and IT risk services in the country. Managed a team in charge of implementing cybersecurity, IT internal audit, BCP, and DRP projects.
- Executed several BCP and DRP advisories for the financial services industry, including developing BIA, risk assessments, and business continuity plans. Led all local IT internal audits and ethical hacking projects.
- Identified security breaches in regular operations, made recommendations, and proposed security controls and alternatives to comply with general security standards and other security-related methodologies.
Information Technology Project Consultant
Concentra
- Led the implementation of multiple ITIL management practices in the banking industry, including portfolio management, supplier management, incident and problem management, and service desk.
- Handled the proper and successful implementation and on-time delivery of different IT projects.
- Oversaw IT processes automation through process definition, diagramming, and implementation of IT service desks.
Enterprise Risk Services Consultant
Deloitte
- Led major information systems audits, IT advisory projects, the development of disaster recovery plans, and the resolution of complex business issues. Interacted with diverse audiences and mentored less senior staff.
- Prepared formal reports with the results of information system audits and special projects for distribution to the executive management team and the board of directors' audit committee.
- Handled the evaluation of internal control environments and computing environments and architectures, using CAAT applications like ACL, SQL, MS Access, or MS Excel for data extraction and manipulation.
Information Security Officer
Instituto Tecnológico de Las Américas
- Handled network protection, risk assessment, vulnerability assessment, pen testing, information security policies creation and development, clients, and server hardening.
- Raised employees' awareness about IT security issues and social engineering. Also developed IT security policies for the organization.
- Volunteered as secretary for the Interinstitutional Commission against High Technology Crimes (CICDAT, in Spanish).
Experience
Blockchain Nodes CI/CD automation
https://github.com/ZcashFoundation/zebraBuild times were reduced from three hours to 50 minutes without cache and five seconds with cache, improving the merging speed by more than 300% when combined with the automated queue and merging system.
Countrywide COVID-19 Logistics Solution
https://cloud.google.com/customers/ogticTransition a business infrastructure from Proxmox to GCP (using GKE)
This scenario was causing an exponential overhead when the application had to be updated, as each server needed manual maintenance, with a 6+ hours maintenance window.
The first step to solving this was to accomplish a more stable and standardized solution. Dockerizing the application assured having a base image known by the sysadmins and developers, which could be used in multiple environments (development, staging, and production). This image was open-sourced to be used by the global Odoo community.
As this project required a more "explicit" infrastructure definition, Kubernetes was the chosen tool to which to migrate. The infrastructure was deployed with automated SSL certificates, Istio, and Envoy for networking, observability, networking, and special configurations for caching and faster TTFB. Some clients had web pages that needed low response times for SEO.
Software Development Life Cycle (SDLC) Automation
https://github.com/opticrdContinuous integration and continuous delivery led to the inclusion of DevOps practices in the institution, guiding the team with Docker use and Dockerfile best practices, pipeline design with Github Actions, solutions architecture, and code standardization, linters, pre-committers, security scanners, etc. The development lifecycle was supported by Cloud Run on most products, from building development instances before merging to master, generating staging instances as a pre-production stage, and deploying to production using Github Releases, all fully adapted to the team size, actual knowledge, and capacity.
Deliveries are now being done under four weeks, and tech leads can see and test the front end, back ends, APIs, etc., as soon as the developer working on the system, or a new feature, makes a PR to a main/master branch, creating a mirrored environment (platform) from production.
Skills
Languages
Bash, Bash Script, Python, SQL, JavaScript, Rust, PHP, GraphQL, TypeScript
Tools
Odoo, GitHub, Git, Google Compute Engine (GCE), Google Kubernetes Engine (GKE), Terraform, GitLab CI/CD, GitLab, Ansible, CircleCI, Sentry, Helm, SonarQube, Vault, Celery, Prisma
Paradigms
DevOps, Agile, Continuous Delivery (CD), Continuous Integration (CI), DevSecOps, Serverless Architecture, Microservices Architecture, Application Architecture, Unit Testing, Azure DevOps
Platforms
Google Cloud Platform (GCP), Docker, Linux, Kubernetes, Google Cloud Engine, Amazon Web Services (AWS), Blockchain, Firebase, Azure, Proxmox, Ethereum, Amazon EC2, CentOS
Storage
Google Cloud, Databases, PostgreSQL, Google Cloud SQL, Database Performance, OVH, MySQL, Redis
Industry Expertise
Project Management, IT Security, Security
Other
GitHub Actions, Solution Architecture, Information Systems, Business Consulting, System Implementation, Enterprise Resource Planning (ERP), GitOps, Consulting, IT Consulting, Serverless, CI/CD Pipelines, Communication, Scripting, Architecture, Leadership, System Administration, Deployment, IT Deployments, Containerization, Infrastructure, Cloud Infrastructure, Agile DevOps, IT Projects, IT Project Management, Cloud Computing, DevOps Engineer, Load Balancers, GAP Analysis, IT Systems Engineering, VPC, Cloud Architecture, Information Security, Development, Networking, IT Automation, Product Development, APIs, Business Continuity Planning (BCP), Process Automation, Business Continuity, DNS, Infrastructure as Code (IaC), Autoscaling, Cloud Security, Integration, Data Analysis, Networks, IT Support, Cloudflare, Back-end Performance, Single Sign-on (SSO), Tax Accounting, Disaster Recovery Plans (DRP), ISO 22301, Information Security Management Systems (ISMS), ISO 27001, IT Service Management (ITSM), IT Services, Process Flows, Certified Ethical Hacker (CEH), Web Security, Ethical Hacking, ITIL 4, Cloud Migration, System Migration, Functions, Authentication, Knative, Site Reliability Engineering (SRE), Containers, Startups, Software Development Lifecycle (SDLC), Identity & Access Management (IAM), Okta, Google Cloud Functions, Configuration Management, Google BigQuery, SOC 2
Libraries/APIs
Auth, React, Node.js, Gigya
Frameworks
Laravel, Django
Education
Bachelor's Degree in Information Technology
UNIBE | Universad Iberoamericana - Santo Domingo, Dominican Republic
Certifications
Architecting with Google Kubernetes Engine Specialization
Coursera
Odoo v12 Certified Consultant
Odoo
ISO 22301:2013 Lead Implementer
PECB
ISO 27001:2013 Lead Auditor
PECB
ITIL® Foundation Certificate in IT Service Management
EXIN
Ethical Hacking and Countermeasures
EC-Council | via Udemy