Paulo Henrique de Souza Pigatto, Developer in São Paulo - State of São Paulo, Brazil
Paulo is available for hire
Hire Paulo

Paulo Henrique de Souza Pigatto

Verified Expert  in Engineering

DevOps Engineer and AWS Developer

Location
São Paulo - State of São Paulo, Brazil
Toptal Member Since
March 7, 2022

Paulo is a talented and self-taught DevOps engineer who strongly believes in lifelong learning and hands-on experience. He started as a developer using a variety of programming languages and then specialized in cloud infrastructure, like AWS and DevOps engineering. With over seven years of experience working on IT for diverse sectors, Paulo adds excellent knowledge to each step of the development process, supporting other developers in creating scalable, cloud-native, and reliable solutions.

Software EngineeringAmazon RDSAWS DevOpsCloud InfrastructureInfrastructure as Code (IaC)CloudCloud ArchitectureTransport Layer Security (TLS)LinuxGitHubRedisBashAmazon EC2Amazon S3 (AWS S3)DevOpsAWS Cloudfront

Portfolio

MedGeo Ventures
GitHub, Databases, AWS Lambda, Terraform, AWS CloudFormation, AWS IAM...
Brex
Python, Terraform, Kubernetes, DevOps, Infrastructure as Code (IaC)...
Pocket Network
Blockchain, Kubernetes, Amazon Web Services (AWS), Terraform, Datadog, Linux...

Experience

Node.js - 7 yearsAWS Lambda - 6 yearsAmazon Web Services (AWS) - 6 yearsDocker - 6 yearsDevOps - 6 yearsTerraform - 5 yearsKubernetes - 3 yearsSite Reliability Engineering (SRE) - 3 years

Availability

Part-time

Preferred Environment

Node.js, Terraform, DevOps, AWS Lambda, Amazon Web Services (AWS)

The most amazing...

...system I've worked on was globally distributed across 12 regions and served over one billion daily requests for over 30 blockchains.

Work Experience

Senior AWS Cloud DevOps Engineer

2022 - PRESENT
MedGeo Ventures
  • Deployed and managed a serverless infrastructure entirely through infrastructure as code (IaC), using AWS CloudFormation, composed of over 25 Lambdas and over 10 Amazon ECS services running on AWS Fargate.
  • Created and maintained over 35 pipelines on AWS CodePipeline and GitHub Actions, from deploying and promoting code to scheduling and automating ETL workflows.
  • Spearheaded the implementation of an architecture based on Amazon CloudFront, AWS ALB, and Amazon Certificate Manager (ACM) to support multi-tenants in a clean and scalable manner.
  • Collaborated on many architecture and code decisions.
Technologies: GitHub, Databases, AWS Lambda, Terraform, AWS CloudFormation, AWS IAM, Containers, AWS Cloud Architecture, Amazon RDS, AWS CodeBuild, Scripting, AWS CodeDeploy, AWS CodeCommit, AWS Fargate, ECS, Load Balancers, DevOps, Amazon Aurora, Amazon API Gateway, Amazon Web Services (AWS), Amazon CloudFront CDN, DNS, Amazon Virtual Private Cloud (VPC), CORS, Elasticsearch, Amazon EC2, Amazon S3 (AWS S3), Amazon CloudWatch, Monitoring, Cloud Architecture, Docker, Software Engineering, Amazon Elastic Container Service (Amazon ECS), Networking, Architecture, Transport Layer Security (TLS), APIs

Senior IT Systems Engineer

2023 - 2024
Brex
  • Deployed and maintained an internal automation platform based on Retool and Python libraries for day-to-day IT operations.
  • Managed GitHub Actions workflows actively to automate operations, application patching, library versioning and publishing, IaC, etc.
  • Collaborated with many teams to maintain, improve, and integrate new features on critical internal systems, such as Okta, Duo, Slack, GitHub, Google Workspace, VPN, etc.
Technologies: Python, Terraform, Kubernetes, DevOps, Infrastructure as Code (IaC), GitHub Actions, Docker, Datadog, Retool, Amazon RDS, Transport Layer Security (TLS), Helm, APIs

DevOps Engineer

2022 - 2023
Pocket Network
  • Maintained over 30 blockchains on the platform, ensuring they were up-to-date, reliable, and ready to support over 1 billion daily requests in case of protocol failures.
  • Broke knowledge silos and created an automated process to onboard new blockchains into the network, which resulted in over ten blockchains being onboarded in record time.
  • Monitored blockchains actively, researched for the best instances and storage resources for each use case, and saved over $200,000 per year in cloud costs.
Technologies: Blockchain, Kubernetes, Amazon Web Services (AWS), Terraform, Datadog, Linux, TypeScript, CI/CD Pipelines, Node.js, Serverless Framework, Docker, Open Source, AWS DevOps, Google Kubernetes Engine (GKE), GitHub, Cloudflare, Observability Tools, Redis, VPN, Web Security, React, Continuous Delivery (CD), Continuous Integration (CI), Cloud Infrastructure, Scalable Application, Microservices, Linux Administration, Bash, Infrastructure as Code (IaC), Cloud, Containerization, Orchestration, Scripting Languages, Python, Amazon Virtual Private Cloud (VPC), AWS IAM, Amazon CloudFront CDN, CORS, Amazon EC2, Amazon S3 (AWS S3), Amazon RDS, Amazon CloudWatch, Monitoring, Cloud Architecture, Software Engineering, Amazon Elastic Container Service (Amazon ECS), Networking, Scripting, Architecture, Transport Layer Security (TLS), Helm, APIs, Ethereum, RPC

Senior Software Engineer

2021 - 2021
Banco Itaú
  • Collaborated with solutions architects from the bank and AWS to design a modernized system for loan booking, which had to support over 250 thousand loans per day.
  • Spearheaded the design and implementation of a background job to guarantee the consistency of unique identifiers with legacy mainframe systems. It was based on AWS Lambda and designed to support the usual load of 250 thousand loans and above.
  • Coordinated and implemented API contracts to expose microservices that comply with the bank's semantic and security guidelines.
  • Coordinated and implemented monitoring and alerting of four microservices that comply with the bank's operational guidelines.
Technologies: Java, Spring Boot, ECS, AWS Fargate, AWS Lambda, Python, Splunk, AppDynamics, AWS CloudFormation, Terraform, Amazon API Gateway, Grafana, Prometheus, Amazon DynamoDB, Linux, Amazon Web Services (AWS), AWS DevOps, GitHub, Observability Tools, Redis, VPN, Web Security, Continuous Delivery (CD), Continuous Integration (CI), Cloud Infrastructure, CI/CD Pipelines, Scalable Application, Microservices, Linux Administration, Bash, Infrastructure as Code (IaC), Cloud, Containerization, Orchestration, Scripting Languages, Amazon Virtual Private Cloud (VPC), AWS IAM, Amazon CloudFront CDN, CORS, Amazon EC2, Amazon S3 (AWS S3), Amazon RDS, Amazon CloudWatch, Monitoring, Cloud Architecture, Docker, Software Engineering, Amazon Elastic Container Service (Amazon ECS), Networking, Scripting, Architecture, Transport Layer Security (TLS), APIs

DevOps Engineer

2020 - 2020
Caylent
  • Performed load tests for the primary user journey, provided data and debated with AWS support for an increase in the account's Lambda concurrent execution quota to 30,000 to support a promotional event.
  • Implemented a web application firewall (WAF) with standard and custom rules for better security and to mitigate purposeful and organic distributed denial-of-service (DDoS) under load.
  • Spearheaded the monitoring and alerting of an Amazon Aurora cluster and over 200 Lambdas using Datadog.
Technologies: Node.js, Serverless Framework, Terraform, AWS CloudFormation, Amazon CloudFront CDN, Amazon RDS, Amazon Aurora, Datadog, AWS Lambda, GraphQL, Apollo Server, Web Application Firewall (WAF), Linux, Amazon Web Services (AWS), AWS DevOps, GitHub, Cloudflare, Observability Tools, Redis, VPN, Web Security, Continuous Delivery (CD), Continuous Integration (CI), Cloud Infrastructure, CI/CD Pipelines, Scalable Application, Microservices, Linux Administration, Bash, Infrastructure as Code (IaC), Cloud, Containerization, Orchestration, Scripting Languages, Python, Amazon Virtual Private Cloud (VPC), AWS IAM, CORS, Amazon EC2, Amazon S3 (AWS S3), Amazon CloudWatch, Monitoring, Cloud Architecture, Docker, Software Engineering, Amazon Elastic Container Service (Amazon ECS), Networking, Scripting, Architecture, Transport Layer Security (TLS), Helm, APIs

DevOps Engineer

2020 - 2020
TOTVS
  • Developed and maintained a serverless ETL for Jira and Zendesk, more than 3 million records were aggregated in DataStudio dashboards and supported project managers, the architecture was very optimized and costed less than $10 a month.
  • Collaborated with other specialists to design a telemetry hub that would be used by all products in the Retail and Distribution segment.
  • Collaborated with all the products in the Retail and Distribution segment with DevOps expertise, research of new technologies and systems design.
Technologies: Google Cloud Platform (GCP), PostgreSQL, Google BigQuery, Jira REST API, Zendesk API, Google Cloud Functions, Azure, Azure Kubernetes Service (AKS), Kubernetes, Docker, Google Pub/Sub, Linux, Amazon Web Services (AWS), GitHub, Observability Tools, Redis, VPN, Web Security, Continuous Delivery (CD), Continuous Integration (CI), Cloud Infrastructure, CI/CD Pipelines, Scalable Application, Microservices, Linux Administration, Bash, Infrastructure as Code (IaC), Cloud, Containerization, Orchestration, Scripting Languages, Python, CORS, Monitoring, Cloud Architecture, Software Engineering, Networking, Scripting, Architecture, Transport Layer Security (TLS), APIs

DevOps Engineer

2019 - 2020
BossaBox
  • Provided engineering support regarding infrastructure, CI/CD pipelines, architecture, and processes to all product squads.
  • Created production-ready landing zones on AWS for remote product squads using infrastructure as code (IaC).
  • Implemented tracking and improved observability of the internal platform entirely based on AWS Lambda.
Technologies: Node.js, GitLab, GitLab CI/CD, Google Cloud Platform (GCP), Java, Spring Boot, Distributed Tracing, MongoDB, Linux, Amazon Web Services (AWS), TypeScript, AWS DevOps, GitHub, Cloudflare, Observability Tools, Redis, VPN, Web Security, React, Continuous Delivery (CD), Continuous Integration (CI), Cloud Infrastructure, CI/CD Pipelines, Scalable Application, Microservices, Linux Administration, Bash, Infrastructure as Code (IaC), Cloud, Containerization, Orchestration, Scripting Languages, Terraform, Python, Amazon Virtual Private Cloud (VPC), AWS IAM, Amazon CloudFront CDN, CORS, Amazon EC2, Amazon S3 (AWS S3), Amazon RDS, Amazon CloudWatch, Monitoring, Cloud Architecture, Docker, Kubernetes, Software Engineering, Amazon Elastic Container Service (Amazon ECS), Networking, Scripting, Architecture, Transport Layer Security (TLS), APIs

Full-stack Developer

2018 - 2019
Swipe
  • Performed load tests and developed a report for the Brazilian Central Bank (BACEN) to suggest a new instant payment infrastructure. The prototype was based on the Stellar protocol and could achieve 105+ transactions per second without degradation.
  • Built capabilities and affordances to create private networks based on the Stellar protocol using Terraform and AWS. Over five big clients were prototyping with it.
  • Managed all the AWS infrastructure and CI/CD pipelines.
Technologies: Node.js, Kotlin, Stellar SDK, Blockchain, Terraform, Datadog, AWS Lambda, PostgreSQL, AWS Elastic Beanstalk, Linux, Amazon Web Services (AWS), TypeScript, AWS DevOps, GitHub, Observability Tools, Redis, VPN, Web Security, React, Continuous Delivery (CD), Continuous Integration (CI), Cloud Infrastructure, CI/CD Pipelines, Scalable Application, Microservices, Linux Administration, Bash, Infrastructure as Code (IaC), Cloud, Containerization, Orchestration, Scripting Languages, Python, Amazon Virtual Private Cloud (VPC), AWS IAM, Amazon CloudFront CDN, CORS, Elasticsearch, Amazon EC2, Amazon S3 (AWS S3), Amazon RDS, Amazon CloudWatch, Monitoring, Cloud Architecture, Docker, Software Engineering, Amazon Elastic Container Service (Amazon ECS), Networking, Scripting, Architecture, Transport Layer Security (TLS), APIs, Heroku, RPC

Junior Full-stack Developer

2017 - 2018
Grupo Ambipar
  • Developed and maintained a system for the procurement department to manage their process end-to-end. Over 100 internal customers used it daily, and more than 10,000 suppliers were in the database and interacted with the system regularly.
  • Built and maintained a system for the archive department to manage and safely store company documents. This solution is being used by over ten internal customers every day.
  • Created and maintained an internal employee reward system, regularly used by over 100 internal customers.
Technologies: PHP, Laravel, Node.js, MongoDB, MySQL, Windows Server, Apache, Linux, Amazon Web Services (AWS), GitHub, Continuous Delivery (CD), Continuous Integration (CI), Cloud Infrastructure, CI/CD Pipelines, Scalable Application, Scripting Languages, Software Engineering, Scripting, Architecture, APIs

Modernization of a Loan Booking Architecture for the Biggest Private Bank of LATAM

Itaú is the biggest private bank of LATAM and has a huge legacy architecture based on mainframes. In their modernization effort, I worked on a product team organized in an SRE fashion, aiming to improve the core system responsible for booking loans. During this process, I led the solutions architecture meetings since my team members were not too versed in English. We worked closely with AWS architects and consultants to design a modern and sustainable solution that would account for future system demands and evolvability.

I was responsible for deploying most of the infrastructure using Terraform and CloudFormation, exposing the applications according to the bank's compliance and tools, and setting up observability using Splunk and AppDynamics.

Migration of a Blockchain Infrastructure to Kubernetes

Pocket had a legacy architecture based on EC2 instances to host Blockchain nodes that served as backups and could be queried to validate network response for security and integrity. I worked as a DevOps engineer in a team of four to keep all of this up, running, and patched. When we started adding more Blockchains to the platform, we realized this approach was not scalable, so we initiated a project to migrate everything to Kubernetes and chose GKE for that.

So we did the following:
• Built a GitHub Actions workflow to build and push updated images from blockchain clients automatically. (https://github.com/pokt-foundation/docker-images)
• Deployed three clusters in three different regions using GKE.
• Built a snapshotter application to stop blockchain containers, create a snapshot of the disk, and replicate it across regions
• Built a sidecar to check the blockchain node health and block height and availability. (https://github.com/pokt-foundation/chain-healthcheck-sidecar)
• Managed the blockchain nodes through ArgoCD.

LIFT Prototype

https://medium.com/@swipetech/dlt-for-fast-payments-a-proof-of-concept-69be579e3d89
A prototype based on the Stellar protocol. It was presented to the Brazilian Central Bank (BACEN) as a possible solution for the new instant payment ecosystem. After the LIFT program, BACEN decided to build their system, Pix, which is already well spread amongst Brazilian consumers.

I was responsible for:
• Creating Terraform stacks so we could scale the application to dozens of machines
• Writing Locust tasks and gathering results of the load tests
• Interpreting the results to help write the report
• Finding quick wins on the code and infrastructure to get better results

Alle Loyalty

https://alle.com/
A loyalty program for Allergan products. I was one of the DevOps engineers working to ensure their promotional Botox Day was a success. It was possible through infrastructure as code (IaC), security improvements, load testing, capacity planning, and system optimizations, such as using read replicas. The Botox Day was indeed a success, achieving 530,000 unique visitors, more than 1,100 requests per second during peak, over 260 requests per second on average, and more than 30,000 Lambda concurrent executions.
OCTOBER 2021 - OCTOBER 2024

Certified Kubernetes Administrator

The Linux Foundation

OCTOBER 2020 - OCTOBER 2023

AWS Certified Cloud Practitioner

Amazon Web Services

OCTOBER 2020 - OCTOBER 2023

AWS Certified Solutions Architect Professional

AWS

DECEMBER 2019 - OCTOBER 2023

AWS Certified Solutions Architect Associate

AWS

Libraries/APIs

Node.js, Jira REST API, Zendesk API, React

Tools

Terraform, Amazon CloudFront CDN, GitHub, VPN, AWS IAM, Amazon Virtual Private Cloud (VPC), Amazon CloudWatch, Amazon Elastic Container Service (Amazon ECS), Google Kubernetes Engine (GKE), Helm, Apache, Stellar SDK, Azure Kubernetes Service (AKS), AWS Fargate, Splunk, AppDynamics, AWS CloudFormation, Grafana, GitLab, GitLab CI/CD, AWS CodeBuild, AWS CodeDeploy, AWS CodeCommit, Retool

Languages

Python, Bash, Java, PHP, Kotlin, GraphQL, TypeScript, JavaScript

Platforms

AWS Lambda, Kubernetes, Linux, Docker, Amazon Web Services (AWS), Amazon EC2, Google Cloud Platform (GCP), Blockchain, Heroku, Ethereum, Windows Server, AWS Elastic Beanstalk, Azure

Paradigms

DevOps, Continuous Delivery (CD), Continuous Integration (CI), Scalable Application, Microservices, Load Testing

Storage

Redis, Amazon S3 (AWS S3), MongoDB, MySQL, Datadog, PostgreSQL, Amazon DynamoDB, Amazon Aurora, Databases, Elasticsearch

Frameworks

Laravel, Spring Boot, Locust, Serverless Framework

Other

Amazon RDS, CI/CD Pipelines, AWS DevOps, Observability Tools, Cloud Infrastructure, Linux Administration, Infrastructure as Code (IaC), Cloud, Containerization, Orchestration, Scripting Languages, Scripting, CORS, Monitoring, Cloud Architecture, Software Engineering, Architecture, Transport Layer Security (TLS), APIs, Cloudflare, Web Security, Networking, RPC, Site Reliability Engineering (SRE), Google BigQuery, Google Cloud Functions, Google Pub/Sub, ECS, Amazon API Gateway, Prometheus, Apollo Server, Distributed Tracing, Web Application Firewall (WAF), Open Source, Containers, AWS Cloud Architecture, Load Balancers, DNS, GitHub Actions, Argo CD, Web3, Shell Scripting, AWS CodePipeline

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring