Fábio Paiva

In my current role at Eijsink, I am focused on transforming the company's infrastructure by shifting from serverless architectures to containerized applications, using Terraform for infrastructure management. My responsibilities include converting existing infrastructure deployments from CloudFormation to Terraform, ensuring a smooth and efficient transition. Additionally, I have played a key role in overhauling the authentication and authorization processes, deploying and configuring Keycloak to replace the existing solution. My work emphasizes scalability, security, and maintaining high standards of reliability across the infrastructure.

As a Software Engineer, I was responsible for overseeing the maintenance of PoR data platform infrastructure on Azure using Kubernetes to optimize performance. In addition to developing and refining Golang applications for data lake ingestion, I manage the configuration and monitoring of Prometheus metrics to ensure the health of PoR applications and infrastructure. My role also includes creating dashboards and setting alarms in Grafana to uphold system efficiency and reliability.

At Eijsink, I focused on maintaining and enhancing the company's infrastructure, primarily within AWS and Kubernetes environments. My role involved utilizing tools like CloudFormation and Terraform for infrastructure as code, along with Helm for managing Kubernetes applications. A significant part of my work was dedicated to bolstering security measures and configuring AWS accounts to ensure robust protection and compliance. I also developed multi-account deployments using Terraform, which streamlined our operational workflows. My expertise extended to configuring Kubernetes through Terraform, ensuring a seamless and efficient deployment process. Additionally, I was instrumental in setting up and managing their observability framework, integrating tools such as Grafana, Grafana Loki, Opensearch, Kinesis, and Firehose to monitor, log, and analyze system performance and health, thereby enhancing our overall infrastructure reliability and efficiency. For auditing and compliance, I created a data process combining CloudTrail events with AWS Step Functions, Lambdas and SNS in order to create a monthly report with relevant events to be observed.

As the Technical Lead at NNIP, I played a pivotal role in enhancing their cloud architecture and development processes. My key contributions included spearheading the strategic migration of main applications from a shared AWS account to multiple dedicated team environments, ensuring operational efficiency and security. I developed and implemented a robust cross-account pipeline, streamlining development workflows across various AWS accounts. Additionally, I restructured their IAM (Identity and Access Management) configuration, introducing a more secure and flexible access control mechanism. I also led the creation of a cutting-edge Data Platform using Cloud Native applications on AWS, such as AWS Step Functions and AWS MWAA, which significantly boosted our data-driven capabilities. My focus on empowering developers and data engineers with secure, structured access to AWS services was instrumental in fostering an environment of innovation and agility. My tenure at NNIP was marked by transformative initiatives that significantly enhanced the company's cloud infrastructure, setting new standards in technological advancement.

Skyworkz is a boutique cloud consultancy based in Utrecht and helps companies in their Cloud journey. In my role as cloud engineer I help companies by introducing cloud technology and improving their setup. Working with Skyworkz gives me an unfair advantage: I have access to brilliant colleagues, who have experience with a variety of technology. This helps me to come up with better solutions and to get feedback on my own ideas and implementations.

Responsible for DevOps working massively with Terraform, AWS, Gitlab CI and eventually working with Java. The current goal for the team is to build reliable and robust RESTful API's to provide and consume data to and from CRM/marketing-related applications. The whole infrastructure is configured via Terraform/Gitlab CI. It's only possible to change infra using AWS Console (manually) in the development environment, all the changes to infra are reviewed and applied as IaC using Terraform. The services are deployed and orchestrated by AWS ECS Fargate. Not only the infrastructure is deployed via CI pipelines, but services deployment is also automated in a pipeline that runs test, scan, package, container build, and release. The Zero trust concept is applied from day 1. Services are isolated in private subnets as much as possible and AWS WAF is in place. On the application level, Kong is used to route requests with the OAuth2 authentication layer and ACL control for authorization. Keycloak is used for IAM. Automation is key for the team. Everything that can be automated is automated. Just as an example, we don't use Kong or Keycloak UI, all the configuration is synced by CI pipelines, and even actions like providing credentials to a client are automated in a pipeline. The team was created less than 1 year ago but the impact on the company is already big. A pub/sub queue pattern with a retry mechanism is already helping to save precious data that were lost before when applications were connecting directly to CRM applications. Also, OAuth2 and ACL brought a huge improvement on security protecting PII data.

MYTOMMY was the Tommy Hilfiger loyalty application in Europe and was available from mid-2017 until March 2020. The application was built by an external vendor and I joined the team when PVH decided to bring the development in-house. I took the responsibility of bringing the development in-house and helped to build the team. I was responsible, technically, for recruiting 5 developers for the team. I'm really proud of the team we built, currently(November 2020), 4 of the 5 developers I helped to recruit are still working and growing within PVH. Automation was very important in this project. It used to use Github with Travis CI for deployments and got migrated to Gitlab CI in a later stage. The iOS mobile application build was automated using Bamboo CI and Fastlane. Unfortunately, the project got phased out before finishing the ongoing Android build automation. It would use Gitlab CI with Fastlane. The whole infrastructure was deployed using Gitlab CI and Terraform after migrating to AWS.

At Chama, I worked on the development of the portal application used by partners that sell their products on Chama's platform. It was a standard React/Redux web application consuming data from the Firebase database.

At Innovactory, initially, I was responsible for maintaining a web application that runs embedded in one of their mobile applications TimesUp. At a later stage, the company decided to rewrite the application using React Native and I could help on-boarding the existing team to the React/React Native world. The migration to React Native brought several benefits to the team, as they were spending a lot of time to develop the almost identical Android and iOS applications using different technologies. Besides sharing knowledge with the team, I was also responsible for building all React Native components related to MapBox. During this project, I could learn more about React Native. Working with map markers and coordinates can be quite challenging given how React Native bridge works. It required some deep optimizations to have the maps working correctly.

SixtyMe was a startup focused on bring recruitment to the next level, allowing candidates to share in a 60 seconds video why they are the right one for companies looking for very specific talents. The big challenge for this application was having a highly available platform across the world. The application was deployed to AWS in different parts of the world and Route53 would route the connections to the nearest region by checking the lowest latency. DocumentDB was not available by the time, so, I had to configure MongoDB heartbeats and replications to keep the databases in sync across the world.

At Praxis Softwares Gerenciais I worked on the development of the I10 Bibliotecas application. I10 Bibliotecas was a web application used by libraries to have control over their books and a social network for library members. The tech stack was a monolith PHP/MySQL application built with Zend Framework configured with Vagrant. The application was running on AWS using EC2 instances, Auto Scaling groups, and a Load Balancer. My best contributions to the project were starting the migration from Zend Framework 1 to Symfony, started creating React web components, and introducing the concept of 3 tier applications.

accessART is a global online platform linking hand-picked artists to young art buyers that are looking for something unique, yet affordable. At accessART I worked on replacing the WordPress website with a custom-tailored application built with MEAN JS.

During this period I worked on creating web applications for medical companies at Thor Sistemas and several different side projects using PHP and Javascript(frontend and backend) using frameworks like AngularJS, API development with Zend Apigility, and cloud management (AWS and Digital Ocean). Initially, my projects used a handcrafted PHP/Mysql application deployed in a Linux server running on Digital Ocean. At a later stage, I started migrating/creating applications using the 3 tier application pattern, with Zend Apigility for building APIs and Angular for the frontend. I also started using AWS to deploy applications.

At Paranet I worked on their web application using PHP/MySQL, Javascript, CSS, and HTML. My first experience using versioning control (SVN, GIT)

I worked in various roles: freelance developer, founder, entrepreneur, linux sysadmin etcetera. Small teams, a variety of technologies and a lot of fun