Marcelo Gimenes de Oliveira,巴西帕拉纳州maring<e:1>开发商
Marcelo is available for hire
Hire Marcelo

Marcelo Gimenes de Oliveira

Verified Expert  in Engineering

Software Engineer and Developer

Location
Maringá - State of Paraná, Brazil
Toptal Member Since
November 24, 2020

Marcelo可以采用高级目标并提供可发布的代码. To do so, he can readily learn most technologies as he goes. 他关心他所创造的任何东西的商业含义, and he understands the balance between craft, speed, and the bottom line. 此外,他认为技术是工具和权衡,而不是意识形态. Marcelo在许多技术和业务领域拥有超过8年的可扩展应用程序构建经验.

Back-endSoftware EngineeringSystem IntegrationWeb App SecurityWeb SecuritySecure Web DevelopmentSQLWindowsUnit TestingDatabasesREST APIsJenkinsAgileMicroservicesBash

Portfolio

Jobvite
Ruby on Rails (RoR), GraphQL, React, Relay, Kubernetes, Helm, Apache Kafka...
BoaCompra
Docker, Apache, NGINX, RabbitMQ, MySQL, Bash, Git, Jenkins, Jira...
BoaCompra
PHP,漏洞管理,漏洞评估,风险建模,NMap...

Experience

Microservices - 5 yearsPHP - 4 yearsRuby on Rails (RoR) - 4 yearsPython - 4 yearsJava - 3 yearsDomain-driven Design (DDD) - 3 yearsApplication Security - 2 yearsReact - 2 years

Availability

Part-time

Preferred Environment

Linux, Git

The most amazing...

...我开发的项目是一个安全漏洞管理应用程序,它改善了巴西最大的金融科技公司之一的安全团队的工作流程.

Work Experience

Senior Software Engineer

2021 - 2023
Jobvite
  • 集中了分布在不同模块中的公共列表特性.
  • Improved IaC features using SparkleFormation; Developed an internal feature to run one-time jobs on Kubernetes.
  • 使用Logstash、Kibana和Elasticsearch改进了应用程序日志索引.
  • Added many new features using React/Relay and GraphQL (Ruby).
  • 重构了一个用React编写的求职者门户的代码.
  • 将一些应用模块从裸机迁移到Kubernetes.
Technologies: Ruby on Rails (RoR), GraphQL, React, Relay, Kubernetes, Helm, Apache Kafka, SparkleFormation, Git, JavaScript, REST APIs, OOP Designs, SQL, Object-oriented Programming (OOP), Back-end

Lead Software Engineer

2020 - 2020
BoaCompra
  • 开发了一个新的API版本,通过使用最佳REST实践来提高可用性.
  • 创建了一个API网关库,可以轻松地按需构建API网关.
  • Designed a sandbox solution to improve client onboarding.
  • 帮助新成员了解公司的商业模式,掌握公司的代码规则.
Technologies: Docker, Apache, NGINX, RabbitMQ, MySQL, Bash, Git, Jenkins, Jira, Domain-driven Design (DDD), Amazon Elastic Container Service (Amazon ECS), SlimPHP, Amazon API Gateway, API Gateways, PHP, Leadership, REST APIs, OOP Designs, SQL, Object-oriented Programming (OOP), Back-end

Application Security Engineer

2018 - 2020
BoaCompra
  • 对100多名同事进行了基于OWASP标准的网络安全培训.
  • 映射和渗透测试整个系统的攻击面,以满足PCI义务.
  • Wrote handcrafted reports, 它不仅指出了安全漏洞,而且给出了缓解的指示和最佳实践.
  • 就开发团队当时正在开发的特性向他们提供具体的安全建议.
  • Defined model risk of new features, microservices, and APIs.
  • Managed the security vulnerabilities to meet deadlines.
  • 在交付后测试新的缓解和安全功能,看看是否没有绕过的方法.
Technologies: PHP,漏洞管理,漏洞评估,风险建模,NMap, Risk Analysis, Application Security, Bash, Metasploit, Python, Ruby on Rails (RoR), Ruby, REST APIs, OOP Designs, SQL, Object-oriented Programming (OOP), Back-end

Software Engineer

2016 - 2018
BoaCompra
  • Broke a core part of a monolith into a resilient microservice, which improved the development process of adding new features.
  • 开发了新的退款请求UI,提高了可用性.
  • 建立了一个新的结账微服务,将转化率提高了10%.
  • 创建了许多可重用库,以提高开发速度和可读性.
  • 使用旧框架和遗留系统,如osCommerce和Tomato.
  • 使用和推广领域驱动的设计技术以及SOLID和Clean Code实践,以提高代码的可维护性.
Technologies: Amazon Elastic Container Service (Amazon ECS), Amazon Simple Queue Service (SQS), Domain-driven Design (DDD), CQRS, Event Sourcing, GraphQL, Jira, Go, Node.js, Jenkins, Git, Amazon S3 (AWS S3), Amazon EC2, MySQL, MongoDB, RabbitMQ, NGINX, PHP, Docker, Apache, JavaScript, REST APIs, OOP Designs, SQL, Object-oriented Programming (OOP), Back-end

System Analyst

2015 - 2016
Benner
  • Analyzed and described requirements for the new features.
  • 针对每个特定客户的需求创建了许多不同的功能.
  • 开发COM对象,通过可重用组件增加系统功能.
技术:ActiveX, DLL, Microsoft SQL Server, Oracle, PL/SQL, JavaScript, c#, Delphi, ASP.. NET,需求分析,REST api,面向对象设计,SQL,面向对象编程,后端

Software Developer

2012 - 2015
TecnoSpeed
  • 在现有API的基础上创建一个REST API,在不更改旧代码的情况下改进其特性.
  • Developed a new UI, improving both usability and performance.
  • 发现并修复了一个导致重大随机问题的旧bug.
  • 开发了一种新产品,提高了客户在其主要业务领域的整体弹性.
  • 创建dll和COM对象以促进新客户端的集成.
  • Built and implemented many important invoice-related features, 例如跨字段语义验证和数字发票发送.
Technologies: Scrum, Inno Setup, COM, ActiveX, DLL, C#, Visual Basic 6 (VB6), Subversion (SVN), Jenkins, Redmine, PostgreSQL, JavaScript, HTML, CSS, Node.js、AngularJS、Delphi、REST api、OOP设计、SQL、面向对象编程(OOP)、后端

BoaCompra API

BoaCompra是PagSeguro PagBank的一部分,PagSeguro PagBank已将国际商家与当地支付联系起来超过15年. PagSeguro PagBank是一家为各种类型和规模的企业提供金融技术解决方案的颠覆性提供商, including POS, eCommerce, and digital banking.

BoaCompra专门为超过15个国家提供支付集成服务, 提供来自10个不同国家的近150种支付方式, 使合作伙伴可以用其他货币销售,买家可以使用当地的支付方式. 它是Riot(《欧博体育app下载》)等大型游戏公司的合作伙伴。, Valve (Steam), and EA (Battlefield and Need for Speed).

Vulnerability Management App

http://github.com/cgimenes/appsec-admin
创建了一个Rails web应用程序来代替电子表格,并轻松跟踪安全团队在渗透测试中发现的漏洞. 我还添加了一个Metabase安装,以便轻松访问商业智能和分析.

File Transferring through QR Code Images

http://github.com/cgimenes/binqr-server
A mobile app for file transferring through QR code images, 用户可以发送任何小文件到他的智能手机,而不需要他的手机以任何方式连接到电脑. 我开发了整个项目,包括网页,后端和原生移动应用程序.

Veterinary Clinic Management App

http://github.com/cgimenes/gohorse-backend
使用Spring Boot编写的一个应用程序,演示如何使用DDD(战术构建块), CQRS, and ES features can be connected and how the trade-off, when applied in a wrong scenario, 会大大降低开发速度和可维护性吗.

Languages

PHP, Java, Delphi, Bash, GraphQL, SQL, XML, PHP 7, PHP 5, Go, Python, JavaScript, Ruby, C#, CSS, Visual Basic 6 (VB6), CSS3, HTML5, R, Clojure, HTML, Haskell, Elixir, TypeScript

Frameworks

Ruby on Rails (RoR), ActiveX, PHPUnit, Twig, PhalconPHP, Bootstrap, Spring Boot, Tailwind CSS, Relay, Bulma, AngularJS, ASP.NET, Flask, Spring, Django, .NET Core, .NET

Libraries/APIs

API Development, REST APIs, Node.js, jQuery, React, Vue

Tools

Git, Docker Compose, Jenkins, RabbitMQ, Redmine, Subversion (SVN), NMap, Metasploit, Jira, Amazon Simple Queue Service (SQS), Amazon Elastic Container Service (Amazon ECS), RSpec, Helm, Apache, NGINX, Traefik, SparkleFormation

Paradigms

Microservices, CQRS, Event Sourcing, Requirements Analysis, Agile, Scrum, Kanban, Unit Testing, Object-oriented Programming (OOP), REST, Responsive Web Design (RWD), Penetration Testing, Functional Programming, ETL, DevOps

Platforms

Linux, Docker, Windows, Amazon EC2, Heroku, Kubernetes, Apache Kafka, Android, Oracle, Amazon Web Services (AWS), Google Cloud Platform (GCP), DigitalOcean, Firebase

Storage

SlimPHP, Databases, PostgreSQL, MySQL, MongoDB, PL/SQL, Amazon S3 (AWS S3), Redis, Microsoft SQL Server

Other

Domain-driven Design (DDD), Application Security, Software Engineering, Software Architecture, DLL, COM, Hardware, Software Development, Lean, Networks, Risk Modeling, Vulnerability Assessment, Vulnerability Management, Payment Gateways, APIs, Fintech, Online Payments, Payment APIs, Architecture, Single Sign-on (SSO), Back-end, System Integration, Integration Testing, Web App Security, Web Security, Secure Web Development, OOP Designs, LDAP, Software Design, Risk Analysis, Metabase, Full-stack, Front-end, CI/CD Pipelines, Native Mobile Apps, Inno Setup, Business Psychology, Mathematics, Statistics, QR Codes, Leadership, API Gateways, Amazon API Gateway, Machine Learning

Industry Expertise

Banking & Finance, Security, Cybersecurity

2013 - 2018

Bachelor of Engineering Degree in Software Engineering

Centro Universitário Cesumar (UniCesumar) - maring,帕拉纳岛,巴西

SEPTEMBER 2020 - SEPTEMBER 2023

Certified Application Security Engineer (CASE)

EC-Council