Author Image

Kaleby Cadorin

Kaleby Cadorin

DevOps Engineer

I am a passionate DevOps engineer with years of working experience. I love building tools and applications that solve real-world problems.

In my free time, I enjoy contributing to open source projects, learning new technologies, and sharing knowledge through writing and speaking.

Certified Kubernetes Application Developer
Certified Kubernetes Administrator
Problem Solving
Leadership
Resilience
Fast Learner
Adaptability
Ownership
Collaboration

Skills

Kubernetes

Orchestrating containerized workloads at scale, including EKS and GKE clusters with Karpenter autoscaling, KEDA, HPA, ArgoCD GitOps, and Helm. Certified Kubernetes Administrator (CKA) and Application Developer (CKAD).

Terraform

Infrastructure as Code across AWS, GCP, and DigitalOcean environments, using Terraform and Terragrunt to manage multi-environment, multi-account cloud infrastructure with Atlantis for automation.

AWS

Deep experience across EKS, ECS Fargate, RDS Aurora, ElastiCache, Lambda, ALB, Route 53, IAM, Secrets Manager, Transfer Family, CloudWatch, and more, across multi-account production environments.

Docker

Containerizing applications for development, CI/CD, and production, with strong knowledge of image optimization, security scanning, and registry management.

Python

Building internal platform tools, automation scripts, deployment tooling, data pipelines, and CLI utilities across multiple production environments.

Information Security

Hands-on experience implementing ISMS, SOC 2, PCI-DSS, ISO 27001, and NIST frameworks. Background includes CISO leadership, security awareness programs, PAM, vulnerability management, and compliance auditing.

Pulumi

IaC with Pulumi and TypeScript to define and manage full Google Cloud architectures, including GKE, Cloud Armor, Cloud SQL, and GCS.

Observability

Building full observability stacks with Prometheus, Grafana, Loki, Promtail, and Datadog for metrics, logs, and alerting across Kubernetes and cloud environments.

Argo CD

GitOps continuous delivery for Kubernetes using ArgoCD, managing application deployments across multiple clusters and environments.

GitHub Actions

Building CI/CD pipelines for application builds, infrastructure automation, container image publishing, and multi-environment deployments.

Ansible

Configuration management and infrastructure automation using Ansible for provisioning and server hardening.

GCP

Extensive experience with GKE, Cloud Armor, Cloud SQL, BigQuery, Airflow, GCS, IAM, and site reliability engineering for production workloads.

AI / LLM Tooling

Building MCP (Model Context Protocol) servers, Claude Code plugins, and LangGraph-based AI agents to extend developer tooling and automate workflows.

Helm

Managing Kubernetes application deployments and configuration with Helm charts across multiple environments.

Blockchain / Web3

Operating full and archive nodes for Ethereum, Optimism, Arbitrum, Polygon, Avalanche, and Shape, with RPC proxying, failover, and indexing pipeline management.

Linux

Deep Linux systems administration experience across server management, networking, shell scripting, and security hardening.

CircleCI

Building CI/CD pipelines for mobile (iOS, Android), API, and infrastructure deployments with CircleCI.

React

Building frontends for internal platform tools, including security dashboards, access request portals, and secrets management UIs.

Node.js

Building APIs and web services, containerizing Node.js applications and migrating them to Kubernetes for cost and scalability improvements.

GitLab

Source code management and CI/CD pipelines with GitLab for microservice delivery across multi-tenant cloud environments.

Jenkins

Building and managing CI/CD pipelines with Jenkins for infrastructure automation and application delivery.

Spinnaker

Multi-cloud continuous delivery with advanced deployment strategies.

Experiences

1
Blockchain Data & Infrastructure Platform (US)

Web3 infrastructure provider indexing on-chain data across multiple EVM-compatible networks.

Senior SRE / DevOps Engineer
Responsibilities:
  • Designed and maintained the full AWS infrastructure using Terraform and Atlantis, managing EKS clusters, Aurora PostgreSQL, ElastiCache Redis, ECS Fargate, VPCs, ALBs, and Route 53 across dev, staging, and production environments.
  • Operated multi-chain blockchain node infrastructure running full and archive nodes for Ethereum, Optimism, Arbitrum, Polygon, Avalanche, and Shape, with RPC proxying, automatic failover, and health monitoring via CloudWatch and Slack alerts.
  • Built EKS cluster operations using ArgoCD for GitOps deployments, Karpenter for node autoscaling (spot and on-demand), and a full observability stack with Prometheus, Grafana, Loki, and Promtail.
  • Contributed to a Go-based blockchain data indexing pipeline ingesting blocks, transactions, events, NFTs, balances, and smart contracts into OpenSearch, exposed via a GraphQL API.
  • Developed Claude Code plugins and MCP servers to extend AI tooling for the team, including a blockchain data query tool and an AI agent (LangGraph) for natural language blockchain data queries.
  • Implemented EKS cost optimization using spot instances, Karpenter node pools, and an automated EBS cleanup tool, alongside a Python-based cost analysis script achieving significant cloud spend reductions.
  • Managed secrets, IAM, and Kubernetes security using External Secrets Operator, AWS ACK Pod Identity, and SOPS with KMS for secure and auditable access controls.
Healthcare Technology Platform (US)

Digital health provider delivering secure care coordination and analytics solutions.

Senior DevOps Architect
Responsibilities:
  • Built an internal security scanning platform (Python + frontend) that automatically checks all container images pushed to ECR for vulnerabilities, blocks CI/CD pipelines on critical CVEs, and allows developers to request time-limited exceptions through an approval workflow.
  • Developed a self-service privileged access system providing evaporative (time-limited) credentials to databases and message brokers, with a frontend for session auditing, kill-switch capabilities, and permission configuration.
  • Created a Kubernetes secrets management tool allowing teams to safely update secret values across environments without cluster access; changes flow through a queue consumed by environment-specific listeners, with masked values for production security.
  • Built a production access request portal with multi-step approval workflow that auto-generates temporary credentials upon final approval.
  • Implemented a disaster recovery architecture in Terraform enabling full service restoration from an AWS outage in under 30 minutes.
  • Hardened multi-account AWS infrastructure with automated SOC 2 guardrails, monitoring, and bastion host access across all accounts.
  • Orchestrated complex data pipelines with Prefect and built scheduled Lambda-based data bridges for automated database schema population.
2
3
Digital Commerce Platform (Canada)

Global discounts marketplace serving high-traffic consumer brands.

Sysadmin & DevOps Engineer
Responsibilities:
  • Engineered beta and production IaC stacks on Google Cloud using Pulumi and TypeScript, covering load balancers, Cloud Armor, Cloud SQL, GCS buckets, and GKE cluster configurations.
  • Led migration of legacy manually-deployed workloads to a fully IaC-managed design on GKE, eliminating configuration drift and enabling repeatable deployments.
  • Reduced overall infrastructure costs by 32% through preemptible GKE nodes, Cloud Armor policy restructuring, and log resource rightsizing.
  • Containerized a Node.js application to move from Cloud Functions to GKE, cutting compute costs by approximately 50%.
  • Migrated Pulumi state management from the Pulumi cloud service to a self-hosted backend for tighter governance and cost control.
  • Led the DevOps team, overseeing daily operations and driving platform stability initiatives.
Consulting Collective (US)

Advisory firm supporting venture-backed and enterprise engineering teams.

Senior DevOps Engineer (Part-time)
Responsibilities:
  • Delivered reusable Terraform and Terragrunt blueprints, reducing code repetition and standardizing infrastructure patterns across partner teams.
  • Built CI/CD pipelines in GitHub Actions and CircleCI accelerating software delivery and deployment cadence.
  • Drove an AWS cost reduction initiative using CUDOS dashboards and a detailed savings roadmap, helping a partner cut overall cloud spend by 50% through RDS consolidation, reserved instance purchases, and backup optimization.
  • Rolled out Datadog observability and alerting, improving incident detection and response for partner environments.
  • Deployed Vanta-driven SOC 2 controls into AWS accounts and implemented EKS clusters with HPA and Karpenter for high-availability workloads.
4
5
Messaging Platform Provider (EU)

Business messaging platform serving global brands with high-volume APIs.

Senior SRE Engineer (Part-time)
Responsibilities:
  • Operated GKE clusters with Helm-based deployments, configuration management, and environment hardening.
  • Built Grafana dashboards and alert rules for the API and Kubernetes cluster, increasing observability and reducing mean time to resolution.
  • Led incident reviews and authored postmortem reports, establishing a structured response process for critical events.
  • Introduced Argo Workflows automation to reduce manual toil for routine operational tasks.
  • Designed and ran load and performance tests to validate API reliability and identify bottlenecks under peak traffic.
Fintech Scale-up (US)

Card and spend management platform for high-growth businesses.

Senior Infrastructure & Security Architect
Responsibilities:
  • Architected DigitalOcean environments using Terraform and Terragrunt for all core application workloads.
  • Established the company-wide Information Security Management System (ISMS), authoring security policies and creating a full Security Awareness program with online lectures, marketing materials, and phishing simulations.
  • Automated full environment lifecycle management (create, update, destroy) through GitHub Actions pipelines with Python deployment tooling.
  • Led both the DevOps and Information Security teams, aligning delivery velocity with compliance and security goals.
6
7
Product Engineering Consultancy (Global)

Distributed consultancy delivering enterprise web and cloud programs across multiple industries.

Senior DevOps Engineer
Responsibilities:
  • Led DevOps workstreams across multiple simultaneous client engagements spanning startups and large public enterprises.
  • Designed AWS architectures using ECS, ECR, RDS, Bastion Host, ALB, CloudFront, and Route 53, fully managed with Terraform and Terraform Cloud.
  • Built comprehensive CI/CD pipelines covering mobile (iOS, Android), unit tests, e2e tests, and API/app builds using GitHub Actions and CircleCI.
  • Executed a 5-month AWS lift-and-shift migration combining VMware Cloud and cloud-native services for enterprise financial clients.
  • Migrated a large SVN repository (55,000+ revisions) and self-hosted Git repositories to Bitbucket Cloud with mirroring for zero-disruption transitions.
  • Replatformed a self-hosted GoCD server to AWS, restoring pipelines and automating server provisioning with Vagrant and Python.
  • Implemented and managed EKS clusters across multiple clients with Karpenter node autoscaling, KEDA workload autoscaling, and HPA.
Technology Services Provider (LATAM)

Nearshore engineering organization supporting regulated SaaS platforms across biopharma, medtech, and cybersecurity.

Senior DevOps Engineer
Responsibilities:
  • Provisioned GCP infrastructure (GKE, Redis, BigQuery, Airflow) via Terraform and Terragrunt for a global regulated IoT SaaS platform serving biopharma and medtech clients.
  • Built CI/CD pipelines with GitLab and Jenkins delivering microservices to multi-tenant GCP environments, including a Python deployer script to orchestrate Terragrunt module pipelines.
  • Created 20+ Kubernetes training courses covering topics from fundamentals through advanced security features, achieving over 95% five-star ratings from learners.
  • Served as team mentor and lead, onboarding new members and maintaining high team performance.
  • Conducted technical interviews for DevOps, networking, and information security candidates.
8
9
Aviation Operator (Brazil)

National airport network overseeing governance, IT operations, and security compliance across multiple airports.

Chief Information Security Officer
Responsibilities:
  • Directed information security and IT governance across multiple airports, acting as CISO, Governance Manager, and Privacy Committee Leader simultaneously.
  • Implemented the ISMS and ITSM systems across both airports, alongside a security awareness program achieving 97% employee participation and an 80% increase in incident reporting rates.
  • Implemented auditing across all environments enabling the compliance team to investigate ethics channel complaints; led rollout of IAM, PAM, antivirus, patch management, and vulnerability management toolsets.
  • Acting as change manager, reduced the rate of IT-related maintenance incidents by 96%.
  • Designed GCP IAM roles, RBAC for GKE, and defined site reliability engineering practices supporting airport digital operations.
Cloud Services Provider (Brazil)

Managed services partner delivering data center and infrastructure modernization projects.

Senior Security & Site Reliability Engineer
Responsibilities:
  • Architected AWS environments for enterprise clients, implementing IAM, automation with Ansible and Terraform, and Jenkins-based pipelines.
  • Migrated three clients from on-premises data centers to AWS, building scalable storage (S3, EBS), compute (EC2), and load-balanced application (ELB) architectures.
  • Configured Amazon CloudWatch monitoring and alerting across all client environments to improve reliability and incident visibility.
  • Created Bash and Python automation scripts for infrastructure tasks, reducing manual effort across the team.
10
11
Payment Processing Platform (Brazil)

Financial services provider handling high-volume transaction processing and Central Bank connectivity.

Senior Security & Site Reliability Engineer
Responsibilities:
  • Managed AWS and Azure cloud infrastructure with strong emphasis on security, availability, and PCI-DSS compliance.
  • Designed and maintained the certificate environment securing all communication between the company and Brazil’s Central Bank.
  • Ensured compliance with Brazil’s Central Bank Resolution 4.658 on cybersecurity policy and cloud computing requirements.
  • Led a datacenter migration to a new site with zero downtime, coordinating all infrastructure cutover activities.
  • Automated backups, server updates, and recurring infrastructure routines using Bash and Python scripts.

Education

Uniritter
2020-2021
MBA in Information Technology Management
GPA: 8.79 out of 10
ULBRA - Universidade Luterana do Brasil
2010-2011
Postgraduate in Information Security
GPA: 8.89 out of 10
ULBRA - Universidade Luterana do Brasil
2005-2008
Technological Degree in Computer Networks
GPA: 8 out of 10
Thesis:

Analysis of the Microsoft Unified Communications (UC) architecture for VoIP

Supervisor: M.Sc. Leonardo Garcia de Mello

This article analyzes Microsoft’s enterprise VoIP solution under the Unified Communications (UC) architecture. It outlines the components—such as Microsoft Office Communications Server 2007—and their interactions with other Microsoft systems. The solution integrates with IT infrastructure and existing telephony (including legacy PBX and PSTN) to deliver videoconferencing, audio conferencing, and instant messaging within Microsoft Office 2003 and 2007.

Recent Posts

Hero Image
Welcome to My Portfolio

Welcome! This is my personal portfolio website built with Hugo and the beautiful Toha theme. The site features smooth scrolling animations that create an engaging user experience as you navigate through different sections. What You’ll Find Here About Me: Learn about my background and experience Skills: Discover the technologies I work with Projects: Explore my latest work and contributions Experience: See my professional journey Education: My academic background Accomplishments: Certifications and achievements Feel free to explore and don’t hesitate to reach out if you’d like to connect!

Monday, December 23, 2024 Read