Senior Cloud Engineer

Marcos Ferreira

I design resilient, cost-efficient cloud architectures and production data platforms at scale.

Distributed Systems/AWS Architect/Infrastructure as Code
View Case StudiesContactDownload CV

Approach

How I Think About Systems

01

Scalability before convenience

Architect for the load you'll have tomorrow, not the shortcuts you want today.

02

Infrastructure as Code as a control layer

Every resource is versioned, reviewed, and reproducible. No manual interventions.

03

Observability as a first-class requirement

If you can't measure it, you can't manage it. Metrics, logs, and traces from day one.

04

Security hardening early, not after incidents

Shift security left. Scan images, rotate secrets, enforce least privilege by default.

05

Migrations without downtime

Zero-downtime is not optional. Dual-write, validate, cutover, rollback-ready.

Experience

Career Evolution

Current

Senior Cloud Engineer

Nexter

Designing and operating cloud-native data platforms on AWS, stabilizing production infrastructure, and leading architectural initiatives across distributed systems.

  • Designed AWS-based data platform supporting thousands of concurrent workflows
  • Stabilized 300 production pipelines
  • Led zero-downtime RDBMS migration (SQL Server → PostgreSQL)
  • Built serverless validation architecture reducing feedback loop to ~30 seconds
  • Hardened container images across microservices (40 critical vulnerabilities remediated)

Previous

Full-Stack Developer

Earlier Career

Where the engineering foundation was built. Shipped end-to-end features across Angular and Django, then gravitated toward infrastructure — writing ETL pipelines, containerizing workloads with Docker, and authoring AWS CloudFormation templates that planted the seed for a career in cloud.

  • Led development of an Angular web interface backed by Django, owning the full request lifecycle from UI to API
  • Designed and implemented automated ETL pipelines using Docker and AWS CloudFormation, improving data reliability
  • Optimized user experience through streamlined workflows and more intuitive interface design
  • Developed and integrated key APIs, extending system capabilities and enabling third-party service integrations

Case Studies

Selected Work

Deep dives into production systems I designed and built. Each project demonstrates architectural decision-making at scale.

Problem

A legacy DB2 system couldn't scale to meet extraction and load demands, and fully migrating to the cloud wasn't immediately feasible.

Architecture

  • Hybrid deployment: on-premises extraction + cloud-based processing
  • ECS + Fargate for containerized workers
  • EFS for shared persistence
  • S3 for durable storage
  • Secrets Manager for credential isolation
  • Terraform for environment reproducibility

Challenges

  • Bridging on-premises DB2 with cloud workloads
  • Concurrent data workflows at scale
  • Failure isolation across hybrid boundaries
  • Operational cost control

Results

  • Accelerated extraction and load through hybrid architecture
  • Standardized deployment across environments
  • Increased system reliability
  • Reduced operational friction

Problem

DAG deployment cycles were slow with no pre-flight validation, leading to broken pipelines in production.

Architecture

  • S3 event-driven ingestion
  • Lambda-based validation
  • ECR image usage
  • Integration with MWAA
  • 30-second E2E feedback loop

Challenges

  • Developer experience improvement
  • Faster iteration cycles
  • Reduced deployment risk
  • Seamless CI/CD integration

Results

  • 30-second end-to-end feedback loop
  • Drastically reduced broken deployments
  • Improved developer velocity
  • Self-service validation for data engineers

Problem

Critical production databases needed migration without service interruption or data loss.

Architecture

  • Migration strategy & planning
  • Dual-write / replication approach
  • Data validation strategy
  • Rollback plan
  • Cutover process

Challenges

  • Zero tolerance for downtime
  • Data integrity across systems
  • Schema compatibility mapping
  • Stakeholder coordination

Results

  • Eliminated 3 SQL Server licenses
  • Reduced long-term operational cost
  • Improved portability and open-source alignment
  • Zero data loss during migration

Problem

Container images had accumulated critical vulnerabilities across multiple microservices.

Architecture

  • Vulnerability scanning process
  • Base image replacement
  • Multi-stage builds
  • Reduced attack surface
  • Compliance alignment

Challenges

  • 40+ critical CVEs across services
  • Minimal disruption to active development
  • Consistent hardening standards
  • Automated scanning integration

Results

  • 40 critical vulnerabilities remediated
  • Reduced container image sizes
  • Compliance-ready posture
  • Automated scanning in CI pipeline

Stack

Technical Domains

Cloud Architecture

  • AWS ECS, Lambda, EC2, S3, EFS
  • Infrastructure as Code (Terraform)
  • IAM & Secrets Management

Distributed Systems

  • ETL Orchestration
  • DAG-based workflows
  • Microservices

Containers & Orchestration

  • Docker
  • OKD / OpenShift
  • CI/CD pipelines

Backend Engineering

  • Django
  • REST APIs
  • PostgreSQL

Credentials

Education & Certifications

AWS Solutions Architect

Professional

AWS Solutions Architect

Associate

B.S. Computer Engineering

Bachelor of Science