Arthur Duarte
Verified Expert in Engineering
Cloud Architect and Developer
Arthur is an AWS Professional Certified Cloud Architect who has worked on global projects, positively impacting the lives of millions of users through cloud migrations to high availability and disaster recovery solutions. He has also implemented CI/CD pipelines to ensure the continuous delivery of high-quality solutions. Arthur maximizes scalability and efficiency for an excellent user experience, applying his advanced knowledge of cloud management tools like Terraform and CloudFormation.
Portfolio
Experience
Availability
Preferred Environment
Amazon Web Services (AWS), Terraform, AWS CloudFormation, Infrastructure as Code (IaC), AWS Cloud Development Kit (CDK), AWS DevOps
The most amazing...
...thing I've designed is the first AWS RDS Aurora cluster-managed unplanned failover, which auto-changes the write node to another region without downtime.
Work Experience
DevOps Engineer
Stern Pinball, Inc
- Orchestrated the successful implementation of AWS landing zone in conjunction with AWS SSO, driving enhanced resource management, robust AWS account isolation, and streamlined user access management across systems.
- Spearheaded the implementation of network security measures, including AWS Client VPN, to enforce secure remote access to critical resources and the widespread adoption of Session Manager for all instances to eliminate direct SSH access.
- Leveraged Terraform for Infrastructure as Code (IaC) implementation, skillfully importing the existing infrastructure into the codebase, enabling seamless integration and deployment without the need for destructive rebuilds.
- Provided expert consultation, leveraging in-depth AWS knowledge and FinOps expertise to guide stakeholders in making informed decisions regarding optimal resource selection and cost reduction strategies on the AWS platform.
- Reduced the monthly bill by more than $6,000 by implementing FinOps together with architect techniques, enabling investment in more infrastructure to speed the company software deliveries.
Senior Cloud Specialist
International Computing Centre
- Conducted a thorough analysis of internal AWS projects, uncovering opportunities for improved security, performance, and cost reduction through data-informed insights.
- Spearheaded the complete, secure documentation for implementing AWS Session Manager, following best practices in security and infrastructure-as-code to meet UN security standards for consistent, secure implementation.
- Pioneered the development of a proof of concept for innovative AWS technologies, conducting tests to evaluate their viability and potential for project implementation, driving improvements for future designs.
- Oversaw the AIDA cloud architecture on AWS, ensuring compliance and validating the technical roadmap. Successfully launched phase 2, providing scalable and efficient solutions that elevate AIDA's ability to offer actionable insights in global development.
Engineer
Amplify Group Inc
- Migrated the users' accounts from Microsoft 365 to Google Workspace. This included all the mail accounts, emails, and calendars.
- Performed the DNS migration from Microsoft 365 back to GoDaddy and organized the DNS management. Also, I set up the entries to make the migration switch to Google Workspace without downtime.
- Migrated 50 GB of data from OneDrive to Google Drive.
DevOps Engineer
AmVentureX Inc. (DBA BioCoach)
- Orchestrated the implementation of a complete AWS landing zone, ensuring a robust and secure cloud environment tailored for HIPAA compliance in the production account.
- Adhered to HIPAA guidelines meticulously, integrating these standards into the AWS infrastructure to prepare it for compliance auditing.
- Demonstrated a comprehensive understanding of the specific healthcare data protection and privacy needs within the cloud infrastructure.
- Showcased strong capability in strategic planning and execution within the AWS ecosystem.
DevOps Engineer
FormulaRx Inc
- Orchestrated the implementation of a complete AWS landing zone, ensuring a robust and secure cloud environment tailored for HIPAA compliance in the production account.
- Adhered to HIPAA guidelines meticulously, integrating these standards into the AWS infrastructure to prepare it for compliance auditing.
- Demonstrated a comprehensive understanding of the specific healthcare data protection and privacy needs within the cloud infrastructure.
- Showcased strong capability in strategic planning and execution within the AWS ecosystem.
AWS DevOps | Communication Market
Ttdrs Intermediacao e Agenciamento de Negocios de Entretenimento LTDA
- Conducted damage analysis on AWS following a security breach and resource abuse incident. This involved dealing with attacks across all AWS regions, necessitating the development of automated scripts to remove resources deployed by the attacker.
- Performed a detailed investigation into the incident's timeline and entry points by analyzing CloudTrail logs. This analysis enabled me to pinpoint the attack's method and timing accurately.
- Played a key role in the project to enhance AWS account security, ensuring that the upcoming application launch adheres to AWS's best practices. This experience has significantly strengthened my cloud security and resource management skills.
AWS Cloud Architect
Blue Saturn
- Spearheaded the implementation of AWS landing zone, seamlessly integrated with AWS SSO, to enhance resource management capabilities, institute stringent AWS account isolation protocols, and devise a comprehensive user access control framework.
- Conceived and articulated sophisticated architectural designs for the solution, incorporating intricate data flows and an underlying infrastructure composed exclusively of serverless resources within the AWS ecosystem.
- Engineered an agile CI/CD pipeline utilizing GitHub Actions and the Serverless Framework. This integration streamlined the code deployment process, enhanced productivity, and ensured rapid, reliable, and consistent delivery of features and updates.
AWS DevOps Engineer
Premier Lacrosse League, Inc.
- Orchestrated the implementation of the AWS landing zone, synergized with AWS single sign-on (SSO), to bolster resource management capabilities, ensuring stringent isolation of AWS accounts and crafting a refined user access management schema.
- Engineered a robust infrastructure overhaul and orchestrated strategic upgrades. Calibrated to accommodate traffic surges and ensure ultra-high availability during peak periods preceding gaming seasons.
- Functioned as a subject matter expert in the AWS ecosystem, providing incisive consultation on resource selection and cost optimization strategies, leveraging FinOps principles to drive operational efficiency and cost-effectiveness.
AWS Cloud Architect
Maestria Law
- Created the AWS landing zone using AWS Control Tower and migrated workloads from the main account to the production account.
- Built an ETL pipeline on AWS using various resources such as DynamoDB, Glue, Athena, EC2, Lambda, SNS, SQS, EKS, and ECS. The project focused on costs, so available resources were used to achieve the objective while controlling costs.
- Implemented an architecture focused on the use of internal communication via VPC endpoints. This also included a Milvus cluster running on EKS that was completely private.
AWS Cloud Architect
F45 Training Incorporated
- Created the AWS infrastructure architectures and CI/CD pipelines with AWS DevTools, coordinating with a team of engineers and developers, with a delivery deadline of fewer than two weeks.
- Designed an architecture for a CI/CD pipeline using AWS DevTools and Terraform, with manual approval gates for production and the possibility of automatic gates in the testing phase.
- Created CI/CD pipelines for both application and infrastructure, possibly combining them to have a single pipeline for the entire application and its needs. This pipeline also built the test environment from scratch whenever necessary, saving costs.
AWS and Terraform Consultant
Curva
- Designed and implemented an efficient architecture for WebSphere servers using the Red Hat Linux operating system with Terraform. This solution ensured high performance and stability for the WebSphere platform.
- Performed in-depth cost analyses for infrastructure projects on AWS, ensuring that implemented solutions were cost-effective and within budget. These analyses provided a solid basis for financial decisions and project budget management.
- Conducted careful reviews of solution designs to ensure they were optimally implemented on AWS. The analyses included assessing business needs, identifying optimization opportunities, and defining recommendations for implementing the solution.
AWS Cloud Architect
Grange Insurance
- Led a security and compliance improvement initiative aimed at reducing the number of vulnerabilities and compliance issues in over 100 Lambda functions, resulting in a significant improvement in system security.
- Provided an automatic solution design for deploying baselines and resources across multiple AWS accounts using Terraform, enabled by a JSON or YAML configuration file.
- Implemented the BeyondTrust Password Safe Cloud security solution to replace the previous on-premises version, enabling secure access to sensitive data and offering a more flexible and easily accessible solution.
- Migrated 24 accounts—without service interruption—from one AWS Organizations service to another, which was already properly configured with Control Tower and SSO.
- Created clear documentation on enforcing Lambda functions and identity and access management (IAM) policies—effectively adopted by the company's cloud center of excellence—providing a solid foundation to consistently and securely implement solutions.
AWS Cloud Architect
Booz Allen Hamilton
- Performed the integration between AWS and Slack, using ChatBot for AWS resource notifications and Lambda for custom and application notifications. The integration made communication more efficient and convenient.
- Designed, architected, and implemented Global Accelerator to increase the speed of changing regions and reduce the number of AWS resources, improving the connection to the internal network. This solution eliminated the need for a VPC DMZ.
- Acted as a Well-Architected Framework reviewer for AWS implementations, both within companies and for customers, ensuring the quality and compliance of implemented solutions.
- Used AWS CDK and Typescript to develop AWS resources and Jenkins to automate deployments.
- Implemented the CDK's custom multi-region feature for deployment in two different regions, enabling data replication for disaster recovery.
AWS Solutions Architect
Abastece Aí
- Implemented the basic network infrastructure within and between AWS accounts using Terraform, ensuring a consistent and streamlined setup. This provided a solid foundation for future projects and ensured efficient resource utilization.
- Created and implemented a network hub solution using AWS Transit Gateway—enabling routing between AWS accounts, other clouds such as GCP and Oracle, partners, and VMC on AWS—allowing the creation of an IAM-federated AWS Client VPN.
- Adapted CloudWatch resource monitoring to all Terraform repositories, ensuring every resource creation and modification had its appropriate monitoring implemented on AWS.
- Designed databases to be sources for a data lake created in GCP in a specific AWS account for data. Used Transit Gateway to reach AWS accounts, on-premise environments, and AWS DMS for granular data synchronization.
- Devised and built—in less than 30 days—a disaster recovery architecture for the company's flagship digital wallet using best practices and an elasticsearch solution with cross-region replication using DynamoDB and Lambda functions.
- Developed the first AWS RDS Aurora cluster managed unplanned failover. It allowed the implementation of the RDS Aurora cluster in a disaster recovery environment with an automatic change of the write node to another region, avoiding downtime.
- Provided a hosting solution for the company's website utilizing limited on-premises DNS and AWS resources. Implemented a non-conventional solution using Global Accelerator, EC2, S3, and CloudFront.
- Oversaw the migration of Brazil's oldest and most famous online loyalty program with over 20 million users. It involved moving many servers from on-premises to a multi-cloud solution. It was such a large project that AWS considered making it a case.
- Produced an ephemeral development environment solution so different dev areas could have their own dev environment, which would be taken down and rebuilt when necessary. Used a CI/CD pipeline with AWS CodePipeline and Terraform workers.
- Assisted in implementing a data lake on GCP where all data was collected from databases in different AWS accounts and placed into a data source also in AWS. This was a project partially sponsored by Google.
AWS Consultant
Same No More
- Assisted with EC2 server maintenance and implementation of security measures for the AWS account and resources, making the application run on a more robust yet cost-effective infrastructure architecture.
- Made improvements to the application with the development team for better performance. I implemented New Relic for application tracing, which was not previously available.
- Performed FinOps work to identify excessive spending with Cloud providers and helped reduce resources during the pandemic to run the application with the minimum necessary, as the client wouldn't be providing their services during that time.
AWS Consultant
Lexnautas
- Designed a feature using AWS resources that displayed a "standby" screen outside business hours. This reduced AWS cloud infrastructure costs by over 60% using Route 53 Health Checks and S3.
- Migrated a complete infrastructure hosted on a private cloud to AWS in under a month. This lift-and-shift migration was modified with a high-standard VPC design.
- Assisted the client in making cloud cost decisions and analyzing the assumption of server costs provisioned by another company. This resulted in further cost reduction, and the client didn't have to retain infrastructure above their needs.
Systems Integration Developer
Duoshiro
- Created a system that allowed for the migration of eCommerces from the XTech to Nuvemshop. This migrated all products, categories, sales, customers, and history, enabling clients to keep their activities due to the closure of the old platform.
- Developed an integration between a custom ERP system that used SOAP to integrate with the REST-based Nuvemshop platform. This integration allowed the client to publish over 600 products on their new eCommerce.
- Built the first multi-store project on the Nuvemshop platform, enabling quick franchise setup with API integration of products and categories from the main store. This got featured on the Nuvemshop platform.
AWS Consultant
CarroAluguel
- Performed server migration from private cloud to AWS Brazil region, improving network infrastructure and application performance while achieving a 50% cost reduction.
- Assisted in upgrading web servers from Apache to Nginx, resulting in a 33% performance gain for the application.
- Implemented a local email server for all employees using AWS integration, daily backups saved in S3 buckets, reducing email infrastructure costs while maintaining secure operation and data backup.
AWS Infrastructure and Monitoring Specialist
Agrotopus
- Collaborated with the IoT team to develop a tractor monitoring system with a PHP-based management dashboard powered by Zabbix. Utilized EC2 and RDS on AWS for server management, leading to a 50% improvement in daily support actions.
- Developed a weather API monitoring system using Zabbix, with alerts displayed on office TVs through Chromecast and Raspberry Pi streaming. This resulted in proactive action and prevented downtime in the team's proactive reaction.
- Prevented potential losses during a new product launch by conducting a thorough software team analysis, leading to the identification and resolution of a crashing issue with over 10 user logins.
eCommerce and Web Developer
Duoshiro
- Implemented custom functionality for clients with virtual stores on the Nuvemshop platform, from simple custom fields in product screens to complex systems for generating custom products with over 200 images each.
- Created virtual stores on different platforms, including Nuvemshop, XTech, WordPress WooCommerce, Magento, Loja, and Integrada.
- Brought the company to be among the top 10 partners of the Nuvemshop platform, competing with big market players. When Nuvemshop clients needed complex feature development, we were called.
- Developed the first digital product delivery system for the Nuvemshop platform, consisting of two systems, one managing digital products and the other for delivery using Amazon SES for email delivery and integrated with the platform via REST API.
IT Infrastructure and Security Manager
MalaPronta
- Eliminated local testing environment by creating a comprehensive AWS-based one. Cost reduction is achieved through auto-start and stop routines. This accelerated delivery by the QA team and faster availability of new customer functionalities.
- Developed a dedicated server for cron jobs to alleviate the overloading of application servers. Resulting in reduced downtime and a dedicated server for running specific tasks with monitoring.
- Implemented Zabbix monitoring for autoscaling instances and added New Relic for complete visibility of the application, enabling a proactive instead of a reactive approach for the team.
- Assisted with the PCI-DSS certification process by focusing on network compliance to meet necessary standards.
IT Analyst
Verti Tecnologia
- Assisted in the PCI-DSS certification process by providing the auditor with software, hardware, and physical facility information to ensure comprehensive compliance.
- Led the re-cabling and datacenter reconstruction process to align with best practices for PCI-DSS certification and maintain compliance during renewal.
- Designed a comprehensive security camera and video recording system, including a reliable backup solution, enhancing daily protection for employees.
Chief System Administrator
Kii Corporation
- Leveraged Zabbix's auto-recovery feature to handle first-level support and reduced 60% of the system admin workload, freeing up time for more projects.
- Developed a data portal for the investment team using Drupal as a base, enabling them to analyze app performance and identify potential investment opportunities. This resulted in a significant increase in the company's portfolio.
- Assisted the web app development team in fixing CSS front-end issues, which hindered their ability to find someone capable. With my Zabbix-controlled sysadmin tasks under control, I could lend a hand and contribute to the company's efforts on this.
- Detected potential hacking threats in company servers in China and acted quickly to remediate them, increasing security and avoiding costly fines.
Knowledge Analyst 1 | Support
Oracle
- Led technical implementation and maintenance of Sun Microsystems' official courses, delivered by multiple external providers.
- Improved customer support experience by creating email templates aligned with the company brand and colors, making a strong visual impression on clients.
- Enabled digital features for Oracle's global online courses, serving thousands of learners worldwide.
Linux System Administrator and Web Programmer
Servo Software
- Implemented a centralized authentication solution using an LDAP server and Atlassian Crowd for Jira and Confluence, resulting in increased security for servers and systems and a centralized user management location.
- Implemented secure server maintenance and updates on AWS EC2, including security patches, new server deployments, and backup routines.
- Implemented version control systems like Subversion, Mercurial, and Git to improve the development process for various teams in the company.
Application Support Administrator
Sun Microsystems
- Collaborated with team to develop a tool streamlining course file preparation, reducing prep time from 30 min to two min, significantly improving the team's productivity and efficiency.
- Implemented and prepared official Java and Solaris courses for all company providers, including the partner area. Achieved five exceptional work awards.
- Optimized course set-up time by 70% using browser automation bots, streamlining the course set-up process for providers.
Experience
Design of the First AWS RDS Aurora Cluster Managed Unplanned Failover
Cloud-based Game Streaming
Technologies used:
AWS EC2
NVIDIA T4 GPU
Windows Server
Steam Gaming Platform
Project description:
In the early days of cloud-based game streaming, such services were unavailable in Brazil, and VPN solutions provided unplayable latencies. AWS EC2 instances equipped with Windows Server and NVIDIA T4 GPUs were leveraged to tackle this challenge.
The project was implemented in the São Paulo AWS region, which yielded a sub-3ms latency, ensuring a smooth gaming experience. Utilizing the high computational power of the NVIDIA T4 GPUs, the system could process and stream video flawlessly, enabling seamless gameplay of Steam games in real-time.
Outcome:
Successfully demonstrated that cloud-based gaming can be viable in regions where traditional cloud gaming services are unavailable, providing an optimized gaming experience with minimal latency and high-quality video processing.
Cryptocurrency Mining Experimentation on AWS
Technologies Used:
• AWS EC2
• NVIDIA T4 GPU
• CUDA
• SPOT instances
Project Description:
During the hype of cryptocurrency mining, this project aimed to evaluate the profitability and technical feasibility of mining using AWS resources. A small farm of EC2 instances equipped with NVIDIA T4 GPUs was set up for this purpose. CUDA was employed to optimize the mining processes. To maximize cost-efficiency, all instances operated in SPOT mode.
Outcome:
The project concluded that, despite using SPOT instances for cost reduction, the expenses of running the instances outweighed the gains from mining. However, the project provided valuable insights into the capabilities of CUDA for such resource-intensive tasks.
Skills
Languages
Python 3, PHP 7, PHP, JavaScript, HTML, CSS, Python, TypeScript, Bash, SQL
Frameworks
Twig, Serverless Framework, .NET
Libraries/APIs
AWS Amplify, Node.js, React, OneDrive, OneDrive API
Tools
Terraform, AWS CloudFormation, VPN, AWS Cloud Development Kit (CDK), Amazon CloudWatch, Amazon Virtual Private Cloud (VPC), NGINX, Zabbix, Jenkins, Beanstalk, AWS CLI, Confluence, Jira, GitHub, VMware, Amazon Elastic Container Service (Amazon ECS), GitLab, Git, AWS IAM, AWS ELB, Amazon EKS, AWS Fargate, Amazon Simple Queue Service (SQS), AWS CodeBuild, ELK (Elastic Stack), Bitbucket, OpenVPN, Provisioning Tools, AWS Glue, Logging, AWS CloudTrail, Apache Tomcat, CloudOps, Microsoft Outlook
Paradigms
DevOps, REST, Automation, Continuous Integration (CI), Continuous Delivery (CD), DevSecOps, Microservices, HIPAA Compliance, Microservices Architecture, Serverless Architecture
Platforms
Amazon Web Services (AWS), Solaris, AWS Lambda, WebSphere, Red Hat OpenShift, Docker, Amazon EC2, AWS ALB, Linux, Windows Server, Kubernetes, Cloud Native, CentOS, WordPress, AWS Elastic Beanstalk, Oracle Cloud Infrastructure (OCI), Amazon Lightsail, DigitalOcean, Cloud Gateway, OCI Vault, Google Cloud Platform (GCP)
Storage
Azure Active Directory, MySQL, On-premise, Amazon DynamoDB, Redis Cache, Redis, OVH, Amazon S3 (AWS S3), PostgreSQL, Database Security, Amazon Aurora, Oracle Cloud, Elasticsearch
Industry Expertise
Cybersecurity
Other
Infrastructure as Code (IaC), Windows Subsystem for Linux (WSL), AWS Certified Solution Architect, English, ITIL V3 Foundation Certified, AWS Cloud Architecture, AWS Cloud Development, Amazon RDS, AWS VPN, AWS Transit Gateway, Amazon API Gateway, Enterprise Architecture, AWS DevOps, Startups, Infrastructure Monitoring, Amazon Route 53, AWS Database Migration Service (DMS), FinOps, Cost Reduction & Optimization, CI/CD Pipelines, Cloud Infrastructure, Shell Scripting, Site Reliability Engineering (SRE), Cloud Security, Content Delivery Networks (CDN), DNS, AWS Auto Scaling, Cloud Architecture, Backup & Recovery, Disaster Recovery Plans (DRP), F5 Networks, DevOps Engineer, Architecture, Solution Architecture, ECS, APIs, Containers, Containerization, Firewalls, Security, Computer Networking, System Administration, Orchestration, VMC Algorithms, GitHub Actions, Computer Science, Computer Engineering, Cloud Engineering, Cloud, eCommerce, Microsoft 365, Cloud Migration, GitOps, Networking, Network Architecture, GPU Computing, Cloudflare, TCP/IP, Web Scalability, Scalability, Infrastructure, Load Balancers, IaaS, SSL, IP Networks, CCTV, Video Surveillance, Videos, API Gateways, Data Feeds, SIM Cards, Monitoring, Business Continuity & Disaster Recovery (BCDR), Transport Layer Security (TLS), IT Security, Single Sign-on (SSO), Mail Servers, SDKs, SMTP, Server Migration, Migration, Digital Commerce, Amazon EventBridge, Linux Administration, Serverless, Scripting Languages, AWS CodePipeline, IMAP, GoDaddy, DNS Servers, Microsoft OneDrive, Email, Google Workspace, Outlook, Networks, Gmail
Education
Bachelor's Degree in Computer Engineering
Universidade Descomplica - Curitiba, Parana, Brazil
Bachelor's Degree in Computer Science
Universidade Paulista (UNIP) - Santos, Sao Paulo, Brazil
Certifications
FOCP: FinOps Certified Practitioner
The Linux Foundation
Oracle Cloud Infrastructure 2022 Certified Foundations Associate
Oracle University
EF SET Certificate – C2 Proficient
EF Standard English Test
HashiCorp Certified: Terraform Associate
HashiCorp
AWS Certified Solutions Architect – Professional
Amazon Web Services
Sun Certified Solaris Associate
Sun Microsystems
ITIL V3 Certification
EXIN
Certificate of Competency in English (ECCE)
University of Michigan
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring