Ronald Carvalho — DevOps & Platform Engineer

About

Engineering reliable platforms

DevOps & Platform Engineer with 8+ years building and operating distributed systems. I specialize in Kubernetes, infrastructure-as-code, CI/CD, observability and service meshes — providing end-to-end support and spreading a strong DevOps and SRE culture so organizations can move faster while keeping their systems secure, scalable and resilient.

Containers & Orchestration

DockercontainerdPodman KubernetesNomadSwarm

Kubernetes Ecosystem

cert-managerexternal-secrets external-dnsingress-nginx oauth2-proxyRookLonghorn

Platform Engineering

Internal Developer PlatformsArgoCD CrossplaneBackstage Golden PathsSelf-service IaC

IaC & GitOps

TerraformTerragruntAnsible HelmArgoCDCrossplane AtlantisJsonnet

Observability

PrometheusGrafanaThanos Elastic / KibanaJaegerKiali

CI/CD

GitHub ActionsGitLab CIJenkins Azure DevOpsBuildkite

Cloud

AWSAzureGoogle Cloud

Service Mesh & Networking

IstioLinkerdgRPC CalicoOpenVPNStrongSwan

Languages

GoPythonTypeScript JavaBash

Career

Experience

Mottu

Oct 2025 — Present

Senior DevOps / Platform Engineer

Designed new deployment processes with a multi-cluster, multi-AZ strategy for GKE.
Built internal components in Python and Go to integrate tooling into Mottu's IDP (Mottu Turbo).
Created the Preview environments deploy process using ArgoCD and Crossplane for dynamic provisioning of cloud resources.
Refactored the entire Helm process for Mottu's microservices, reducing cognitive load and improving integration with the internal IDP (Mottu Turbo).
Expanded Mottu's IaC capabilities — improved the Terraform apply process and optimized parallel execution with Terragrunt and Atlantis, isolating prod, hml and dev states and drastically cutting pipeline times.
Improved cluster RBAC, OAuth2 and OIDC for unprivileged, audited access to Kubernetes clusters.
Designed a new multi-region cluster topology on GCP for the internationalization of Mottu's backends (Brazil and Mexico).

Kubernetes (GKE)DatadogGitHub Enterprise Pub/SubTerraformTerragrunt HelmArgoCDCrossplane Istio / EnvoyCNCF tooling

Zup Innovation

Sep 2023 — Oct 2025

Senior DevOps / Platform Engineer

Cloud specialist supporting one of the largest telecommunications companies in Latin America. Zup — recently acquired by Itaú Unibanco — builds Stackspot, an AI-powered Internal Developer Platform, and serves clients across banking and telecom through its Professional Services division.

Ensured security compliance across Kubernetes environments on AWS.
Defined SLOs and SLIs for infrastructure, enabling SRE golden signals.
Led a zero-downtime migration between AWS accounts.
Hardened cloud access with IAM best practices, network segmentation, SSO and OAuth2 (oauth2-proxy, Dex, Keycloak).
Drove DevOps practices across multiple product teams and conducted technical interviews and code reviews.
Backend development in Go and TypeScript.

KubernetesAWSAzure EKSStackspotArgoCD TerraformTerragruntLinkerd GoTypeScript

Liferay Cloud

Jun 2021 — Sep 2023

DevOps Engineer (IV – V)

Member of Liferay's Cloud Infrastructure team, maintaining the PaaS and SaaS environments powering Liferay Experience Cloud and its self-managed edition — Kubernetes-based platforms supporting both multi-tenant and self-managed customer deployments.

Managed multiple GKE clusters across the Americas, Europe and Asia.
Maintained the Internal Developer Platform using ArgoCD, Helm, Terraform and Terragrunt.
Ran periodic Disaster Recovery tests (cluster, storage and data loss) with Velero, GKE and Cloud Storage.
Secured access with IAM, network segmentation, SSO and OAuth2 (oauth2-proxy, Teleport).
Improved IaC maintainability through DRY principles and Atlantis automation; contributed to open-source IaC tools.
Delivered internal summit talks and mentored teammates.

KubernetesGKEAKS AtlantisArgoCDTerraform TerragruntGoogle CloudPython TypeScript

Stone

Apr 2021 — Jun 2021

Site Reliability Engineer

Sustained the product on Azure's public cloud.
Suggested new logging and monitoring practices.
Took part in the technical interview process.

AzureAKSTerraform AnsiblePythonF5 Big-IP Linux

Acqio

May 2019 — Apr 2021

DevOps Engineer (Junior → Mid)

Acqio is a payments fintech operating a franchise model, with franchisees deploying POS devices across Brazil. I joined the first DevOps/SRE team, building the initial Kubernetes infrastructure for the non-PCI backend services behind Acqio's customer platforms and mobile apps.

Designed and implemented the first Terraform-based IaC framework for all Azure resources.
Led Kubernetes adoption, improving reliability, scalability and security; managed releases with Helm.
Introduced the first service mesh for gRPC services using Istio.
Adopted Trunk-Based Development for deterministic, idempotent builds and championed DevOps culture.

KubernetesAKSAzure TerraformIstioBazel (Starlark) AnsibleJsonnetBuildKite

ISI-TICs — Instituto Senai de Inovação

Feb 2018 — May 2019

DevOps Engineer — Intern

The company was adopting DevOps culture, and I helped lead the choice of tooling to improve its development lifecycle while learning alongside the team.

Drove DevOps practices grounded in 12-Factor and DRY for infrastructure and configuration management.
Configured and maintained production workloads and shaped the first SDLC processes (Git, containers, config mgmt).
Built Ansible boilerplate for EC2 configuration and package management across multiple machines.
Imported existing AWS resources into Terraform for centralized management.

Docker & SwarmRancherAWS JenkinsPythonShell Jira

Education

Education & Training

UniFBV Wyden

Bachelor of Computer Science · 2015 — 2020

Thesis: Continuous delivery proposal for microservice-based architectures on Kubernetes.

Final score 9 / 10

Contact

Let's connect

Open to conversations about platform engineering, reliability and distributed systems.

Email r@ronaldmiranda.com.br GitHub @ronaldmiranda LinkedIn rmirandaa Twitter @ronaldkame Keybase rronaldm