Gustavo Adolfo Valverde De Soto
Verified Expert in Engineering
Solution Architect and Developer
Lisbon, Portugal
Toptal member since December 4, 2021
Gustavo is a solution-driven and highly proactive ITC professional used to working with fast-paced teams from the Big Four and startups. He has over six years of experience working on infosec, IT audits, BCP, solutions architecture, DevOps, and product management. Throughout his career, Gustavo designed DRPs for financial institutions, leveraged DevOps in several startups, supported critical infrastructure for SaaS solutions, and led the development of countrywide digital products.
Portfolio
Experience
Availability
Preferred Environment
Kubernetes, Google Cloud Platform (GCP), Docker, GitHub Actions, Bash, DevOps, Solution Architecture, Cloud Architecture, Information Security, Cybersecurity
The most amazing...
...project I've done was the fast-paced, countrywide implementation of a digital identity platform for citizens using Amazon Rekognition, Ory, and Next.js.
Work Experience
DevOps Engineer
Zcash Foundation
- Standardized the SDLC by implementing containers, conventional commits, issue and PR templates, merge queues, rulesets, linting, and pipeline automation using GitHub Actions and self-hosted runners for long integration tests.
- Reduced build and test times for developers from 24+ hours to 45 minutes by optimizing Dockerfiles, including the use of multistage builds and caching. This resulted in a nearly 97% reduction in development time while increasing the test scope.
- Implemented GitHub rulesets and queue management to streamline and automate integration testing and merging, saving the engineering team over eight hours weekly on PR reviews, updates, and merge fixes.
Co-founder
iterativo LLC
- Led and supported the transformation of work procedures to create market-leading products. This involved embedding Agile work practices and the concept of autonomous delivery teams.
- Assisted the development team in creating the overall product architecture, maximizing the reuse of standard components to develop cost-efficient solutions, and leveraging serverless technology.
- Developed the localization for the Dominican Republic, which included CoA, tax computations, fiscal sequences, fiscal invoicing emission, payroll requirements automation, and 3rd-party integrations.
- Coordinated the efforts needed to bring together the main parties involved in the accounting systems definition. Also developed a standardized chart of accounts to be used countrywide in an open-source ERP.
- Grew the company team from one consultant and one software engineer to over 30 employees, distributed through the financial, customer support, research and development, consultancy, and operations departments.
- Guided the company to become the leading Odoo ERP partner in its region through the successful implementation of over 60 clients.
- Managed the creation of the first API-driven e-invoicing system in the country, using microservices and serverless architecture with an on-demand subscription based on consumption.
- Supported the creation of the first developer portal providing identity information for companies and individuals, IRS invoicing system validation, multi-bank currencies, and fuel prices.
Principal Software Architect & Advisor
Oficina Gubernamental de Tecnologías de la Información y Comunicación (OPTIC
- Earned a successful Google Cloud case study when Implementing the COVID-19 logistics solution with critical satellite APIs, securing citizen data during vaccination. Used Odoo as ERP and Google Cloud Platform for infrastructure.
- Pioneered the Dominican Republic’s first open-source governmental digital ID system as a lead software architect and product manager, using GCP, Amazon Rekognition, Ory, Ballerina, and a custom Next.js frontend with serverless NestJS APIs.
- Led a team of software engineers, product owners, and UX designers, guiding the government’s architectural strategy using Jamstack, a headless CMS, site generators, and X-ROAD for API interoperability, leveraging open-source solutions.
- Designed and developed digital products to simplify governmental processes, including APIs, mobile apps, back offices, and identity management platforms.
DevOps Engineer
Colgate-Palmolive
- Architected a HIPAA-compliant solution using Django, Celery, Redis, RabbitMQ, KEDA, Vault, Helm, and Kustomize, supported by various GCP services such as Cloud SQL, Cloud Pub/Sub, Memorystore, Cloud Run, GKE, Cloud Storage, and others.
- Deployed a Django back end in Kubernetes under a zero-trust architecture, granting only specific permissions using IAM and controlling network access through Kubernetes network policies, starting with no inbound or outbound connections.
- Optimized event-driven autoscaling with KEDA for Redis-backed Celery workers deployed on Kubernetes, enabling the workers to scale up based on workload and automatically scale down when there are no tasks in the queue.
Enterprise Risk Services Manager
Deloitte
- Led Deloitte's cyber risk and IT risk services in the country. Managed a team in charge of implementing cybersecurity, IT internal audit, BCP, and DRP projects.
- Executed several BCP and DRP advisories for the financial services industry, including developing BIA, risk assessments, and business continuity plans. Led all local IT internal audits and ethical hacking projects.
- Identified security breaches in regular operations, made recommendations, and proposed security controls and alternatives to comply with general security standards and other security-related methodologies.
Senior Information Technology Consultant
Concentra
- Led the implementation of multiple ITIL management practices in the banking industry, including portfolio management, supplier management, incident and problem management, and service desk.
- Handled the proper and successful implementation and on-time delivery of different IT projects.
- Oversaw IT processes automation through process definition, diagramming, and implementation of IT service desks.
Enterprise Risk Services Consultant
Deloitte
- Led major information systems audits, IT advisory projects, the development of disaster recovery plans, and the resolution of complex business issues. Interacted with diverse audiences and mentored less senior staff.
- Prepared formal reports with the results of information system audits and special projects for distribution to the executive management team and the board of directors' audit committee.
- Handled the evaluation of internal control environments and computing environments and architectures, using CAAT applications like ACL, SQL, MS Access, or MS Excel for data extraction and manipulation.
Experience
Citizens Digital Identity Platform
https://github.com/ogticrd/cuenta-unica-registryBlockchain Nodes CI/CD Automation
https://github.com/ZcashFoundation/zebraBuild times were reduced from three hours to 15 minutes without cache and five seconds with cache, improving the merging speed by more than 300% when combined with the automated queue and merging system.
Countrywide COVID-19 Logistics Solution
https://cloud.google.com/customers/ogticOn-premise Monolith to Cloud Native (with GKE in GCP)
To address these issues, Kubernetes was chosen as the migration platform. The infrastructure was deployed using GKE, incorporating CertManager, Istio, Jaeger, Cloud SQL, Cloud MemoryStore (Redis), and AWS S3.
Software Development Life Cycle (SDLC) Automation
Continuous integration and continuous delivery led to the inclusion of DevOps practices in the institution, guiding the team with Docker use and Dockerfile best practices, pipeline design with Github Actions, solutions architecture, and code standardization, linters, pre-committers, security scanners, etc. The development lifecycle was supported by Cloud Run on most products, from building development instances before merging to master, generating staging instances as a pre-production stage, and deploying to production using Github Releases, all fully adapted to the team size, actual knowledge, and capacity.
Deliveries are now being done under four weeks, and tech leads can see and test the front end, back ends, APIs, etc., as soon as the developer working on the system, or a new feature, makes a PR to a main/master branch, creating a mirrored environment (platform) from production.
SSDLC Processes for LegalTech with AI
https://briefcatch.com/I developed and automated complex CI/CD pipelines of GPU workloads for ML applications, which required integration testing in dev environments with low-cost and short-lived instances.
Serverless Architecture Using GCP Best Practices with FAST
https://www.the-pool.tv/I automated the whole software development lifecycle (SDLC) from development, testing, QA, and deployment to production.
I also configured all the CI/CD pipelines using GitHub Actions to automate deployments using Google Cloud Run, securing the deployments via Workload Identity Federation.
Education
Bachelor's Degree in Information Technology
UNIBE | Universad Iberoamericana - Santo Domingo, Dominican Republic
Certifications
AWS Certified Solutions Architect – Associate
Amazon Web Services Training and Certification
Architecting with Google Kubernetes Engine Specialization
Coursera
Odoo v12 Certified Consultant
Odoo
ISO 22301:2013 Lead Implementer
PECB
ISO 27001:2013 Lead Auditor
PECB
ITIL® Foundation Certificate in IT Service Management
EXIN
Ethical Hacking and Countermeasures
EC-Council | via Udemy
Skills
Libraries/APIs
REST APIs, Auth, React, Node.js, Gigya, Amazon Rekognition
Tools
Odoo, GitHub, Terraform, Git, Google Compute Engine (GCE), NGINX, Jira, Google Kubernetes Engine (GKE), Helm, GitLab CI/CD, GitLab, Ansible, CircleCI, Microsoft Visual Studio, Sentry, SonarQube, Vault, Celery, Prisma, Jenkins, RabbitMQ, GCP Security, Docker Swarm, Grafana
Languages
Bash, Bash Script, Python, SQL, JavaScript, Rust, PHP, GraphQL, TypeScript, Go
Paradigms
DevOps, Agile, Continuous Delivery (CD), Continuous Integration (CI), DevSecOps, Automation, Serverless Architecture, Microservices Architecture, Application Architecture, Unit Testing, HIPAA Compliance, Azure DevOps
Platforms
Kubernetes, Google Cloud Platform (GCP), Docker, Linux, Google Cloud Engine, Amazon Web Services (AWS), Blockchain, Firebase, Azure, Proxmox, Knative, Ethereum, Amazon EC2, CentOS
Storage
Google Cloud, Databases, PostgreSQL, Google Cloud SQL, Database Performance, OVH, MySQL, Redis, Datadog
Industry Expertise
Project Management, Cybersecurity, System Development Life Cycle (SDLC)
Frameworks
Laravel, Django, Next.js, Material UI
Other
GitHub Actions, Solution Architecture, Cloud Architecture, Information Systems, Business Consulting, Disaster Recovery Plans (DRP), System Implementation, Enterprise Resource Planning (ERP), GitOps, Infrastructure as Code (IaC), Consulting, IT Consulting, Serverless, CI/CD Pipelines, Communication, Scripting, Architecture, Leadership, System Administration, Deployment, Site Reliability Engineering (SRE), IT Deployments, Containerization, Infrastructure, Cloud Infrastructure, Containers, Agile DevOps, IT Projects, IT Project Management, Cloud Computing, DevOps Engineer, Load Balancers, GAP Analysis, IT Systems Engineering, VPC, API Gateways, Domain-driven Design (DDD), SecOps, Release Management, Disaster Recovery Consulting, Cloud, Scalable Web Services, Cloud Engineering, Documentation, Information Security, Development, Networking, IT Automation, Product Development, APIs, Business Continuity Planning (BCP), Process Automation, Business Continuity, DNS, Autoscaling, Cloud Security, Integration, IT Security, Data Analysis, Networks, Security, IT Support, Cloudflare, Back-end Performance, Single Sign-on (SSO), API Integration, AWS Certified Solution Architect, Tax Accounting, ISO 22301, Information Security Management Systems (ISMS), ISO 27001, IT Service Management (ITSM), IT Services, Process Flows, Certified Ethical Hacker (CEH), Web Security, Ethical Hacking, ITIL 4, Cloud Migration, System Migration, Functions, Authentication, Startups, Software Development Lifecycle (SDLC), Identity & Access Management (IAM), Okta, Google Cloud Functions, Configuration Management, Google BigQuery, SOC 2, Prometheus, Data Engineering, Pub/Sub, Kubernetes Event-driven Autoscaler (KEDA), FastAPI, Identity, Ory
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring