FERNANDO ESPINOSA      

Expert hands-on technical leader with over 15+ years of experience in all aspects of software and platform engineering, solutions architecture and continuous delivery of highly available distributed systems, server-side and client-based enterprise applications, multi-tenancy, security, identity & access management.

Fervent practitioner of cloud-native technologies, practices & patterns such as: Kubernetes, Infrastructure-as-Code, DevOps, CI/CD, Microservices and Event-Driven Architectures (CQRS, Event Sourcing, PubSub); Serverless Computing (Fargate, Lambda, Cloud Run, Functions); NoSQL & Big Data (Cassandra, MongoDB, DynamoDB, Spark, Kafka, Kinesis); DDD, TDD, OOP and Functional programming (C/C++/C#, Java, Scala, Python, Golang, Rust).

Railz Financial Technologies Inc. — VP of Infrastructure Engineering

180 John St. • Toronto, ON • M5T 1X5 | FEBRUARY 2021 - PRESENT

★ Establish and manage the technical roadmap & KPIs for Infrastructure Engineering in the company, leading the design of Railz’s Financial Data Platform as a cloud-native, yet vendor-agnostic, highly available and elastic distributed system.

★ Successfully deliver massive scalability and peak performance with a Microservices+CQRS architecture that overcomes the tradeoffs between different system characteristics (availability -vs- consistency) over tens of thousands of nodes.

★ DevSecOps best-practices, infrastructure-as-code and platform observability (SIEM, APM & log analytics) with:

• Kubernetes: EKS • Fargate • AKS • GKE • CloudRun • Karpenter.sh • KEDA • ArgoCD • cdk8s • Helm • Kustomize
• Infrastructure-as-Code: Terraform • Terragrunt • CloudFormation • AWS CDK • Packer • Docker
• Security: HashiCorp Vault • OneTrust Tugboat Logic • Snyk • StackHawk • AWS KMS • Secrets Manager • IAM
  Cognito • CloudTrail • GuardDuty • WAF & Shield • • SOPS/KSOPS
• Languages: Rust • Golang • Python • Bash • HCL • TypeScript • Node.js • React • Vue.js
• Data Engineering: MongoDB Atlas • Argo Workflows • Amazon Kinesis Streams & Firehose • Athena • AWS Glue
  Redis Sentinel & Cluster • RabbitMQ Cluster & Federation • RDS Aurora PostgreSQL+MySQL • Airbyte ELT/ETL
• Observability: Datadog • Prometheus • Grafana • Fluent Bit • Amazon CloudWatch • New Relic • Elastic Cloud
• CI/CD: Tekton Pipelines • ArgoCD • Terraform Cloud • TeamCity Enterprise • Bitbucket • GitHub

★ Achieve and maintain SOC2 Type 1 and Type 2 certifications “in-a-breeze” over the past 2 years with all the above.

RBC Ventures — Senior Cloud Consultant • Solutions Architect (Terraform • AWS • Azure)

20 Bay Street • Toronto, ON • M6J 2N8 | FEBRUARY 2020 - DECEMBER 2021

Provided technical expertise in areas of reference architecture, infrastructure-as-code and security automation. Led their implementation across 25 subsidiaries of RBC Ventures:

• Infrastructure-as-Code: Terraform • CloudFormation • AWS CDK • Packer • Docker • Ansible
• AWS: Amazon ECS • Fargate • EC2 • Lambda • API Gateway • VPC • VPN • Route53 • WAF • CloudFront
  KMS • SNS/SQS • S3 • RDS Aurora PostgreSQL/MySQL • ElastiCache Redis • Elasticsearch • IAM • Cognito
• Azure: App Service Environment • API Management • Application Gateway • Azure  AD • App Insights
• Languages & Frameworks: Python • GraphQL • C# • TypeScript • React • Node.js • .NET Core
• CI/CD: CircleCI • GitHub Enterprise • AWS CodeDeploy • Azure DevOps
• Instrumentation & Integrations: New Relic • Sumo Logic • NGINX • Squid Proxy • Okta • Contrast Security

PureFacts Financial Solutions — Senior Consultant • Kubernetes • Azure Solutions Architect

48 Yonge Street Suite 400 • Toronto, ON • M5E 1G6 | FEBRUARY 2020 - JULY 2020

Led the overhaul and modernization of CI/CD and infrastructure automation in Azure.

• Azure Kubernetes Service (AKS) • Cluster Autoscaler • Helm • NGINX Ingress Controller
• Azure Functions • Cosmos DB • Application Gateway • Azure Load Balancer • Azure AD
• Azure DevOps • YAML Pipelines • Azure Resource Manager • TeamCity • Octopus Deploy

FIS Global — North America Lead DevOps Engineer • Ambit Risk and Compliance • Azure and AWS

100 King Street West #5350 • Toronto, ON • M5H 4C7 | AUGUST 2019 - JANUARY 2020

Led the modernization of FIS Ambit Risk & Compliance CI/CD and infrastructure automation.

• VMware ESXi • vSphere 6.7 • RHEL 7 • TeamCity • Azure DevOps • SVN • Bitbucket • Git LFS.
• Led the implementation of  100% cloud-native CI/CD toolchain
• Infrastructure-as-Code with AWS  CloudFormation on AWS and Terraform on Azure
• Configuration-as-Code with Kotlin DSL in TeamCity

Polymath — AWS Solutions Architect

155 Wellington Street West #3130 • Toronto, ON • M5V 3H6 | MARCH 2019 - JULY 2019

Defined cloud architecture and led infrastructure automation using CloudFormation and Terraform. Responsible for the implementation of best practices, CI/CD, security, cost management and operations of Polymath’s platform of Ethereum dApps on the company’s blockchain network across all multiple accounts, regions and environments:

• AWS Elastic Kubernetes Service • ECS Fargate • Docker
• AWS Organizations • SAML Identity Federation • IAM Cross-Account Access • MFA • Single Sign-On • EC2 • Auto Scaling • Elastic Load Balancing • SNS/SQS • RDS MySQL & PostgreSQL • RDS Aurora • VPC • Peering • AWS Client VPN • OpenVPN • Aviatrix VPN • Route 53 • Amazon CloudFront • CloudWatch
• CI/CD: TeamCity • Octopus Deploy • GitHub • Webpack • Yarn • npm • TDD • Semantic release management
• Languages and Frameworks: Golang • TypeScript • Node.js • React • Web3.js • Ethereum • Solidity

LoyaltyOne — Senior Consultant • AIR MILES Data Platform • AWS Solutions Architect

351 King Street East • Toronto, ON • M5G 0L6 | JULY 2018 - MARCH 2019

New AIR MILES platform: Led the development and successful delivery of data pipelines and event-driven microservices written in Scala, Akka, Kotlin, Spring Boot, Apache Cassandra, Kafka, ZooKeeper, AWS DynamoDB, Kinesis and RDS Aurora. Led the implementation of the AWS Well Architected Framework and the Developer Experience (DX) initiative across the organization.

• Architecture: Microservices • CQRS • Event Sourcing
• Languages and Frameworks: Scala • sbt • Akka  ★ Java 8 • Spring Boot • Gradle ★ TypeScript • ES6 • Node.js
• Data Stack: Apache Cassandra • Amazon DynamoDB  • Kinesis • RDS Aurora MySQL & PostgreSQL
• Cloud/DevOps: Docker • AWS Cloud Formation • ECS • EC2 • Auto Scaling • Lambda • API Gateway • SNS/SQS • S3
  VPC • Route 53 • IAM • CloudWatch • Splunk • NewRelic • Runscope • Gatling • Jenkins • GitHub

Xello — Staff Software Engineer

FEBRUARY 2018 - JULY 2018

Led the overhaul and modernization of  front-end continuous-delivery, leveraging componentization.

• Architecture & Dev Stack: Composite UIs • Thin-server • C# 7 •  .NET Core • SQL Server • Redis
  Angular 6 • TypeScript • RxJS 6 • @ngrx/store • Sass • Webpack • Grunt • Karma • Jest • Jasmine • Cypress
• Cloud & DevOps: Azure Resource Manager • Azure CDN • Azure VMs • Octopus Deploy • Docker • Jenkins • GitHub

Lendified — Lead DevOps Engineer • Azure Solutions Architect

330 Bay Street #306 • Toronto ON • M5H 2S8 | JANUARY 2017 - FEBRUARY 2018

Provided technical expertise in the architecture and implementation of Lendified’s multi-tenant financial platform. In charge of cloud-first continuous-delivery on Microsoft Azure, operations management and application security.  Owned the architecture and implementation of claims-based IAM solutions for the company’s APIs, front-end applications and integration with 3rd party financial APIs.

• Architecture & Dev Stack: Microservices • Thin-server • C# 7 • .NET Core • ES6 • React • Webpack • Redux
• Cloud & DevOps: App Service Environment • API Management • Application Gateway • Load Balancing • WAF
  Operations Management • Log Analytics • App Insights • Virtual Networks • Virtual Machines
  Azure SQL server • Failover Groups • Active Geo-replication • Azure DevOps • Azure Pipelines • TeamCity
• Application Security: Claims-based identity • Azure AD • IdentityServer4 • OpenID Connect • OAuth 2.0 • JWT

D+H (Finastra) — Lead Azure Engineer • H2-Commercial Product Development

55 Standish Court • Mississauga ON • L5R 4B2 | JULY 2016 - JANUARY 2017

Involved in all aspects of full-stack development and architecture of SaaS, multi-tenant, cloud-native Azure applications.

★ Architecture & Dev Stack: CQRS, Event-Sourcing, Thin-server, .NET Framework 4.6, ASP.NET Web API 2, C# 6, SignalR, Entity Framework 6, OWIN/Katana, AngularJS, Angular Material, ES6, D3.js, npm, Bower, gulp, Sass, Karma, Jasmine, Protractor

★ DevOps Stack: Azure Resource Manager, App Service, Service Bus, Redis, WebJobs, Blob Storage, Azure SQL Server, Application Insights, Powershell, Git, VSTS

★ Security: Claims-based identity, OAuth 2.0, JWT

Armstrong Fluid Technology — Senior DevOps Engineer

400 University Ave • Toronto, ON • M7A 1T7 | APRIL 2015 – JULY 2016

Led the design and implementation of continuous-delivery pipelines, providing for continuous integration, automated testing, deployment automation, configuration and release management. Led the architecture and implementation of claims-based single sign-on for the company’s APIs and front-end applications.

★ Security: OAuth 2.0, JWT, OpenID Connect, IdentityServer, Active Directory Federation Services

★ Dev Stack: .NET Framework 4.6, C# 6, ES6, ASP.NET MVC, Web API, SignalR, OWIN, Katana, Entity Framework, TPL, TAP async/await, NUnit, Autofac, Visual Studio, SQL Server, IIS, Windows Server

★ DevOps: Octopus Deploy, Git, TeamCity, PowerShell, NuGet, TFS, Jenkins CI, Chocolatey, AWS EC2

The Canadian Press — Senior Software Engineer

36 King Street East • Toronto, ON • M5C 2L9 | MAY 2012 – APRIL 2015

Involved in all aspects of full-stack development, architecture and successful delivery of several key projects since their inception, most notably all the systems, services, Web APIs and front-end applications that comprise the new content distribution strategy of The Canadian Press.

★ Architecture: Microservices, CQRS, Event-Sourcing, PubSub

★ Dev Stack: .NET 4.5, C# 5, ASP.NET MVC, ASP.NET Web API, OWIN/Katana, Angular, ES5, Entity Framework, IIS, SQL Server, Redis, MySQL, TPL, TAP async/await, RSS, MRSS, NUnit, Autofac, Castle Windsor, log4net, AWS EC2

★ DevOps: TFS, TeamCity, Octopus Deploy, PowerShell, NuGet

Megabyte Programming Services Corp. — Senior Software Developer

488 Carlingview Drive • Etobicoke, ON • M9W 6M8 | SEPTEMBER 2007 – APRIL 2012

Designed, developed and successfully delivered the foundation framework and key components of the MPTS2010 Megabyte Property Tax System of the state of California.

★ Dev Stack:  .NET 3.5, C# 3, WinForms, GDI+, MS SQL Server, ADO.NET, XML, DevExpress, SAP Crystal Reports XI

Calculated Structured Designs Inc. — Software Developer (Contract)

48-151 Townsgate Drive • Thornhill ON • L4J 8A4

Developed user configuration features of the iStruct 2010 CAD Suite. Implemented AutoCAD DXF format import/export of drawings used for integration with third parties.

★ Dev Stack:   .NET 4.0, C# 4.0, WPF, XAML, Java SE, XML

IBM Canada Ltd. — Technical Analyst

3600 Steeles Avenue East • Markham ON • L3R 9Z7 | SEPTEMBER 2005 – MARCH 2007

Designed and implemented client automation of the Remedy ITSM Enterprise System in JavaScript and .NET.

★ Key Technologies: Java, JavaScript, HTML, DOM, CSS, XML, AJAX, .NET, C#, Active Directory, Excel, VBA

Education and Certifications

University of Toronto

Honours Bachelor of Science – Mathematics and Applied Mathematics - See diploma

University College • St. George Campus | SEPTEMBER 1999 - APRIL 2004

• CKAD: Certified Kubernetes Application Developer: Credential ID: LF-awyp31qjn8 - Credential URL

• HashiCorp Certified Cloud Professional: Credential ID: D7R90M8KLBEE1BWJ - Credential URL

• AWS Certified Solutions Architect: Credential ID: D7R90M8KLBEE1BWJ - See diploma - Credential URL

• Sun Certified Java Programmer: Credential ID: 220456544SCPJSE5P - See diploma