Gustavo Adolfo Valverde De Soto, Developer in Lisbon, Portugal
Gustavo is available for hire
Hire Gustavo

Gustavo Adolfo Valverde De Soto

Verified Expert  in Engineering

Bio

Gustavo is a solution-driven and highly proactive ITC professional used to working with fast-paced teams from the Big Four and startups. He has over six years of experience working on infosec, IT audits, BCP, solutions architecture, DevOps, and product management. Throughout his career, Gustavo designed DRPs for financial institutions, leveraged DevOps in several startups, supported critical infrastructure for SaaS solutions, and led the development of countrywide digital products.

Portfolio

Zcash Foundation
GitHub, GitHub Actions, Rust, Docker, Google Cloud Platform (GCP), Google Cloud...
iterativo LLC
DevOps, Python, APIs, Kubernetes, Google Cloud Platform (GCP), Tax Accounting...
Oficina Gubernamental de Tecnologías de la Información y Comunicación (OPTIC
Cloud Architecture, DevOps, Agile, Kubernetes, Google Cloud Platform (GCP)...

Experience

Availability

Full-time

Preferred Environment

Kubernetes, Google Cloud Platform (GCP), Docker, GitHub Actions, Bash, DevOps, Solution Architecture, Cloud Architecture, Information Security, Cybersecurity

The most amazing...

...project I've done was the fast-paced, countrywide implementation of a digital identity platform for citizens using Amazon Rekognition, Ory, and Next.js.

Work Experience

DevOps Engineer

2021 - PRESENT
Zcash Foundation
  • Standardized the SDLC by implementing containers, conventional commits, issue and PR templates, merge queues, rulesets, linting, and pipeline automation using GitHub Actions and self-hosted runners for long integration tests.
  • Reduced build and test times for developers from 24+ hours to 45 minutes by optimizing Dockerfiles, including the use of multistage builds and caching. This resulted in a nearly 97% reduction in development time while increasing the test scope.
  • Implemented GitHub rulesets and queue management to streamline and automate integration testing and merging, saving the engineering team over eight hours weekly on PR reviews, updates, and merge fixes.
Technologies: GitHub, GitHub Actions, Rust, Docker, Google Cloud Platform (GCP), Google Cloud, Git, Software Development Lifecycle (SDLC), Google Compute Engine (GCE), CI/CD Pipelines, Bash Script, Scripting, Blockchain, Containerization, Architecture, Cloud Security, Agile DevOps, IT Project Management, DevSecOps, Cloud Computing, DevOps Engineer, Unit Testing, Load Balancers, Security, IT Support, Google Cloud SQL, SQL, IT Systems Engineering, VPC, Firebase, Single Sign-on (SSO), Auth, Cybersecurity, System Development Life Cycle (SDLC), Containers, Go, Prometheus, NGINX, SecOps, Release Management, Cloud, Kubernetes, Scalable Web Services, Cloud Engineering, Web Security, Microservices Architecture, Documentation, Automation

Co-founder

2016 - PRESENT
iterativo LLC
  • Led and supported the transformation of work procedures to create market-leading products. This involved embedding Agile work practices and the concept of autonomous delivery teams.
  • Assisted the development team in creating the overall product architecture, maximizing the reuse of standard components to develop cost-efficient solutions, and leveraging serverless technology.
  • Developed the localization for the Dominican Republic, which included CoA, tax computations, fiscal sequences, fiscal invoicing emission, payroll requirements automation, and 3rd-party integrations.
  • Coordinated the efforts needed to bring together the main parties involved in the accounting systems definition. Also developed a standardized chart of accounts to be used countrywide in an open-source ERP.
  • Grew the company team from one consultant and one software engineer to over 30 employees, distributed through the financial, customer support, research and development, consultancy, and operations departments.
  • Guided the company to become the leading Odoo ERP partner in its region through the successful implementation of over 60 clients.
  • Managed the creation of the first API-driven e-invoicing system in the country, using microservices and serverless architecture with an on-demand subscription based on consumption.
  • Supported the creation of the first developer portal providing identity information for companies and individuals, IRS invoicing system validation, multi-bank currencies, and fuel prices.
Technologies: DevOps, Python, APIs, Kubernetes, Google Cloud Platform (GCP), Tax Accounting, GitOps, Infrastructure as Code (IaC), Autoscaling, Consulting, IT Consulting, Serverless, CI/CD Pipelines, Linux, Communication, Amazon Web Services (AWS), Scripting, Helm, Architecture, PostgreSQL, Leadership, System Administration, Cloud Security, Google Cloud, GitLab, Ansible, Deployment, Continuous Delivery (CD), Continuous Integration (CI), Databases, IT Deployments, Integration, IT Security, Amazon EC2, Infrastructure, Cloud Infrastructure, Agile DevOps, Project Management, IT Projects, IT Project Management, Cloud Computing, DevOps Engineer, Unit Testing, Load Balancers, Networks, Security, Google Cloud Functions, Google Cloud SQL, Database Performance, SQL, Cloudflare, GAP Analysis, Configuration Management, Git, IT Systems Engineering, Google Compute Engine (GCE), VPC, Back-end Performance, Cybersecurity, Containers, Domain-driven Design (DDD), Jenkins, NGINX, SecOps, API Integration, Release Management, Cloud, Scalable Web Services, Cloud Engineering, Data Engineering, REST APIs, FastAPI, Product Development, Microservices Architecture, Documentation, Docker Swarm, Automation

Principal Software Architect & Advisor

2020 - 2024
Oficina Gubernamental de Tecnologías de la Información y Comunicación (OPTIC
  • Earned a successful Google Cloud case study when Implementing the COVID-19 logistics solution with critical satellite APIs, securing citizen data during vaccination. Used Odoo as ERP and Google Cloud Platform for infrastructure.
  • Pioneered the Dominican Republic’s first open-source governmental digital ID system as a lead software architect and product manager, using GCP, Amazon Rekognition, Ory, Ballerina, and a custom Next.js frontend with serverless NestJS APIs.
  • Led a team of software engineers, product owners, and UX designers, guiding the government’s architectural strategy using Jamstack, a headless CMS, site generators, and X-ROAD for API interoperability, leveraging open-source solutions.
  • Designed and developed digital products to simplify governmental processes, including APIs, mobile apps, back offices, and identity management platforms.
Technologies: Cloud Architecture, DevOps, Agile, Kubernetes, Google Cloud Platform (GCP), GitOps, Infrastructure as Code (IaC), Autoscaling, Consulting, IT Consulting, Serverless, CI/CD Pipelines, Linux, Communication, Azure, Amazon Web Services (AWS), Scripting, Helm, Architecture, PostgreSQL, Leadership, System Administration, Cloud Security, GitLab CI/CD, Google Cloud, Deployment, Continuous Delivery (CD), Continuous Integration (CI), Databases, IT Deployments, Integration, IT Security, Data Analysis, Amazon EC2, Application Architecture, Infrastructure, Cloud Infrastructure, PHP, Laravel, MySQL, Agile DevOps, Project Management, IT Projects, IT Project Management, DevSecOps, Identity & Access Management (IAM), Cloud Computing, DevOps Engineer, Unit Testing, Node.js, GraphQL, Load Balancers, Networks, Security, IT Support, Google Cloud Functions, Google Cloud SQL, Database Performance, SQL, Cloudflare, Redis, Configuration Management, Git, IT Systems Engineering, Google Compute Engine (GCE), Google BigQuery, VPC, Single Sign-on (SSO), Cybersecurity, Containers, API Gateways, Domain-driven Design (DDD), Go, Prometheus, NGINX, SecOps, API Integration, Release Management, Disaster Recovery Consulting, Cloud, REST APIs, Scalable Web Services, Cloud Engineering, Data Engineering, Microsoft Visual Studio, Web Security, Product Development, Microservices Architecture, Documentation, Automation

DevOps Engineer

2022 - 2023
Colgate-Palmolive
  • Architected a HIPAA-compliant solution using Django, Celery, Redis, RabbitMQ, KEDA, Vault, Helm, and Kustomize, supported by various GCP services such as Cloud SQL, Cloud Pub/Sub, Memorystore, Cloud Run, GKE, Cloud Storage, and others.
  • Deployed a Django back end in Kubernetes under a zero-trust architecture, granting only specific permissions using IAM and controlling network access through Kubernetes network policies, starting with no inbound or outbound connections.
  • Optimized event-driven autoscaling with KEDA for Redis-backed Celery workers deployed on Kubernetes, enabling the workers to scale up based on workload and automatically scale down when there are no tasks in the queue.
Technologies: Containerization, Kubernetes, Google Cloud Platform (GCP), Python, Django, Terraform, Celery, Redis, Pub/Sub, DevOps, DevSecOps, RabbitMQ, Google Cloud Functions, Identity & Access Management (IAM), Kubernetes Event-driven Autoscaler (KEDA), Vault, Okta, Gigya, CI/CD Pipelines, GitHub Actions, Jira, Helm, Google Cloud SQL, Cloud Architecture, Application Architecture, Web Security, Microservices Architecture, Documentation, Automation, Datadog, HIPAA Compliance

Enterprise Risk Services Manager

2015 - 2017
Deloitte
  • Led Deloitte's cyber risk and IT risk services in the country. Managed a team in charge of implementing cybersecurity, IT internal audit, BCP, and DRP projects.
  • Executed several BCP and DRP advisories for the financial services industry, including developing BIA, risk assessments, and business continuity plans. Led all local IT internal audits and ethical hacking projects.
  • Identified security breaches in regular operations, made recommendations, and proposed security controls and alternatives to comply with general security standards and other security-related methodologies.
Technologies: Cloud Architecture, Business Consulting, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Linux, Communication, Architecture, PostgreSQL, Leadership, Cloud Security, Ansible, Deployment, IT Security, Data Analysis, Project Management, IT Projects, IT Project Management, Identity & Access Management (IAM), Load Balancers, Security, SQL, GAP Analysis, Git, IT Systems Engineering, SOC 2, Cybersecurity, Containers, NGINX, SecOps, Disaster Recovery Consulting, Cloud, Cloud Engineering, Web Security, Ethical Hacking, Documentation

Senior Information Technology Consultant

2013 - 2014
Concentra
  • Led the implementation of multiple ITIL management practices in the banking industry, including portfolio management, supplier management, incident and problem management, and service desk.
  • Handled the proper and successful implementation and on-time delivery of different IT projects.
  • Oversaw IT processes automation through process definition, diagramming, and implementation of IT service desks.
Technologies: ITIL 4, IT Services, IT Service Management (ITSM), Business Consulting, Process Flows, System Implementation, Process Automation, Linux, Communication, Architecture, Leadership, System Administration, Cloud Security, Deployment, IT Deployments, Integration, IT Security, Data Analysis, Application Architecture, Infrastructure, Cloud Infrastructure, Project Management, IT Projects, IT Project Management, Networks, Security, IT Support, SQL, CentOS, GAP Analysis, Git, IT Systems Engineering, SOC 2, Cybersecurity, NGINX, Disaster Recovery Consulting, Cloud, Web Security, Documentation

Enterprise Risk Services Consultant

2012 - 2013
Deloitte
  • Led major information systems audits, IT advisory projects, the development of disaster recovery plans, and the resolution of complex business issues. Interacted with diverse audiences and mentored less senior staff.
  • Prepared formal reports with the results of information system audits and special projects for distribution to the executive management team and the board of directors' audit committee.
  • Handled the evaluation of internal control environments and computing environments and architectures, using CAAT applications like ACL, SQL, MS Access, or MS Excel for data extraction and manipulation.
Technologies: Business Consulting, Disaster Recovery Plans (DRP), Business Continuity, ISO 22301, ISO 27001, IT Services, Process Flows, Business Continuity Planning (BCP), Consulting, IT Consulting, Linux, Communication, Leadership, Cloud Security, Deployment, IT Security, Data Analysis, Project Management, IT Projects, IT Project Management, Networks, Security, IT Support, SQL, CentOS, GAP Analysis, IT Systems Engineering, Back-end Performance, SOC 2, Cybersecurity, Domain-driven Design (DDD), Disaster Recovery Consulting, Cloud, Ethical Hacking, Documentation

Citizens Digital Identity Platform

https://github.com/ogticrd/cuenta-unica-registry
Created an open-source system for Dominican citizens to establish their digital identity in under three minutes using Amazon Rekognition, Ory, and Next.js, enabling unified authentication across governmental services.

Blockchain Nodes CI/CD Automation

https://github.com/ZcashFoundation/zebra
I refactored the software development lifecycle for Zebra, a Rust-based Zcash node, utilizing GitHub Actions, merge queues, GitOps, Terraform, and GCP. This overhaul increased development speed, reduced release cycles, expanded test coverage, and improved security. As a result, the core engineering team saved time and could focus more on the product while also improving the quality of the codebase.

Build times were reduced from three hours to 15 minutes without cache and five seconds with cache, improving the merging speed by more than 300% when combined with the automated queue and merging system.

Countrywide COVID-19 Logistics Solution

https://cloud.google.com/customers/ogtic
Led the fast-paced countrywide implementation of the software and infrastructure to tackle the logistics and vaccination needs for COVID-19 using Odoo framework and Google Cloud Platform with Kubernetes to accomplish a fast and automated solution.

On-premise Monolith to Cloud Native (with GKE in GCP)

Undertook the challenge of migrating an established infrastructure that had been operational for over two years on OVH using Proxmox. The setup, which utilized ZFS and automatic service discovery with NGINX and CoreDNS, consisted of hundreds of LXC servers, each hosting an Odoo monolith app with a PostgreSQL database. The existing structure posed significant challenges, particularly during updates, as each server required manual intervention, leading to maintenance windows that often exceeded six hours.

To address these issues, Kubernetes was chosen as the migration platform. The infrastructure was deployed using GKE, incorporating CertManager, Istio, Jaeger, Cloud SQL, Cloud MemoryStore (Redis), and AWS S3.

Software Development Life Cycle (SDLC) Automation

This client had to wait for months to visualize the work, even if it was a WIP, as the development team had to provision servers and do time-consuming tasks, which led to needless delays.

Continuous integration and continuous delivery led to the inclusion of DevOps practices in the institution, guiding the team with Docker use and Dockerfile best practices, pipeline design with Github Actions, solutions architecture, and code standardization, linters, pre-committers, security scanners, etc. The development lifecycle was supported by Cloud Run on most products, from building development instances before merging to master, generating staging instances as a pre-production stage, and deploying to production using Github Releases, all fully adapted to the team size, actual knowledge, and capacity.

Deliveries are now being done under four weeks, and tech leads can see and test the front end, back ends, APIs, etc., as soon as the developer working on the system, or a new feature, makes a PR to a main/master branch, creating a mirrored environment (platform) from production.

SSDLC Processes for LegalTech with AI

https://briefcatch.com/
Established secure software development processes integrating advanced tools, ensuring compliance with SOC2, ISO 27001, and GDPR while improving deployment efficiency for a LegalTech.

I developed and automated complex CI/CD pipelines of GPU workloads for ML applications, which required integration testing in dev environments with low-cost and short-lived instances.

Serverless Architecture Using GCP Best Practices with FAST

https://www.the-pool.tv/
Designed a serverless architecture in the Google Cloud Platform using Terraform and Google's best practices based on FAST.

I automated the whole software development lifecycle (SDLC) from development, testing, QA, and deployment to production.

I also configured all the CI/CD pipelines using GitHub Actions to automate deployments using Google Cloud Run, securing the deployments via Workload Identity Federation.
2007 - 2011

Bachelor's Degree in Information Technology

UNIBE | Universad Iberoamericana - Santo Domingo, Dominican Republic

SEPTEMBER 2024 - SEPTEMBER 2027

AWS Certified Solutions Architect – Associate

Amazon Web Services Training and Certification

JULY 2019 - PRESENT

Architecting with Google Kubernetes Engine Specialization

Coursera

MAY 2019 - PRESENT

Odoo v12 Certified Consultant

Odoo

SEPTEMBER 2016 - PRESENT

ISO 22301:2013 Lead Implementer

PECB

JUNE 2016 - PRESENT

ISO 27001:2013 Lead Auditor

PECB

FEBRUARY 2014 - PRESENT

ITIL® Foundation Certificate in IT Service Management

EXIN

JANUARY 2012 - PRESENT

Ethical Hacking and Countermeasures

EC-Council | via Udemy

Libraries/APIs

REST APIs, Auth, React, Node.js, Gigya, Amazon Rekognition

Tools

Odoo, GitHub, Terraform, Git, Google Compute Engine (GCE), NGINX, Jira, Google Kubernetes Engine (GKE), Helm, GitLab CI/CD, GitLab, Ansible, CircleCI, Microsoft Visual Studio, Sentry, SonarQube, Vault, Celery, Prisma, Jenkins, RabbitMQ, GCP Security, Docker Swarm, Grafana

Languages

Bash, Bash Script, Python, SQL, JavaScript, Rust, PHP, GraphQL, TypeScript, Go

Paradigms

DevOps, Agile, Continuous Delivery (CD), Continuous Integration (CI), DevSecOps, Automation, Serverless Architecture, Microservices Architecture, Application Architecture, Unit Testing, HIPAA Compliance, Azure DevOps

Platforms

Kubernetes, Google Cloud Platform (GCP), Docker, Linux, Google Cloud Engine, Amazon Web Services (AWS), Blockchain, Firebase, Azure, Proxmox, Knative, Ethereum, Amazon EC2, CentOS

Storage

Google Cloud, Databases, PostgreSQL, Google Cloud SQL, Database Performance, OVH, MySQL, Redis, Datadog

Industry Expertise

Project Management, Cybersecurity, System Development Life Cycle (SDLC)

Frameworks

Laravel, Django, Next.js, Material UI

Other

GitHub Actions, Solution Architecture, Cloud Architecture, Information Systems, Business Consulting, Disaster Recovery Plans (DRP), System Implementation, Enterprise Resource Planning (ERP), GitOps, Infrastructure as Code (IaC), Consulting, IT Consulting, Serverless, CI/CD Pipelines, Communication, Scripting, Architecture, Leadership, System Administration, Deployment, Site Reliability Engineering (SRE), IT Deployments, Containerization, Infrastructure, Cloud Infrastructure, Containers, Agile DevOps, IT Projects, IT Project Management, Cloud Computing, DevOps Engineer, Load Balancers, GAP Analysis, IT Systems Engineering, VPC, API Gateways, Domain-driven Design (DDD), SecOps, Release Management, Disaster Recovery Consulting, Cloud, Scalable Web Services, Cloud Engineering, Documentation, Information Security, Development, Networking, IT Automation, Product Development, APIs, Business Continuity Planning (BCP), Process Automation, Business Continuity, DNS, Autoscaling, Cloud Security, Integration, IT Security, Data Analysis, Networks, Security, IT Support, Cloudflare, Back-end Performance, Single Sign-on (SSO), API Integration, AWS Certified Solution Architect, Tax Accounting, ISO 22301, Information Security Management Systems (ISMS), ISO 27001, IT Service Management (ITSM), IT Services, Process Flows, Certified Ethical Hacker (CEH), Web Security, Ethical Hacking, ITIL 4, Cloud Migration, System Migration, Functions, Authentication, Startups, Software Development Lifecycle (SDLC), Identity & Access Management (IAM), Okta, Google Cloud Functions, Configuration Management, Google BigQuery, SOC 2, Prometheus, Data Engineering, Pub/Sub, Kubernetes Event-driven Autoscaler (KEDA), FastAPI, Identity, Ory

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring