Skip to content
View othiagorpantoja's full-sized avatar
🏠
Working from home
🏠
Working from home

Block or report othiagorpantoja

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
othiagorpantoja/README.md
╔══════════════════════════════════════════════════════════════════╗
║   THIAGO PANTOJA  ·  Principal Solutions Architect  (Staff+)     ║
║   Business Strategy  ×  Platform Engineering  ×  Multi-cloud     ║
╚══════════════════════════════════════════════════════════════════╝

LinkedIn Email WhatsApp SP WhatsApp AM Location Languages


$ whoami

Principal Solutions Architect (Staff+) na interseção entre estratégia de negócio e Platform Engineering.

Projeto arquiteturas multi-account / multi-region em AWS, Azure, GCP e OCI com Cloud Governance, Security by Design e FinOps como pilares — não como afterthought.

Padronizo o SDLC com IaC (Terraform / CDK / Ansible), Kubernetes (EKS / AKS / GKE / OKE) e pipelines CI/CD que entregam escala, resiliência e otimização de custo em ambientes multi-cloud de alta complexidade.

"Architecture is a conversation between constraints and possibilities — I make sure cost, risk, and time-to-market sit at the same table."


$ cat expertise.yaml

domains:
  modernization_and_migrations:
    - Landing Zones & AWS Organizations
    - Policy-as-Code (OPA/Conftest/SCPs)
    - Networking: TGW, Direct Connect, VPC design
    - Containers: ECS/Fargate, EKS, service mesh
    - API Gateway + event-driven (EventBridge / SQS / Step Functions / Lambda)

  security_and_compliance:
    - Zero Trust architecture
    - IAM, KMS, Secrets lifecycle management
    - WAF / ALB, account segregation
    - DR / Backup with compliance (LGPD, SOC2)
    - Supply-chain security: SBOM, cosign image signing

  platform_engineering_and_devex:
    - IDP / Backstage: service catalog & golden paths
    - Opinionated templates: Terraform / CDK / K8s
    - Reusable pipelines (GitHub Actions)
    - PR preview environments
    - Self-service with guardrails

  observability_and_reliability:
    - OpenTelemetry end-to-end instrumentation
    - Prometheus · Grafana · Loki stack
    - SLOs from day one (not day two)
    - DORA metrics & continuous improvement

$ tech --list --all

🖥️ Languages & Runtimes

Java C# .NET Node.js TypeScript Python PHP Go Kotlin Bash PowerShell

⚙️ Backend & Frameworks

Spring Boot Quarkus ASP.NET Core NestJS FastAPI Laravel

☁️ Cloud Providers

AWS Azure GCP OCI

🐳 Containers & Orchestration

Docker Kubernetes Helm EKS GKE AKS Karpenter

🏗️ IaC & Policy-as-Code

Terraform AWS CDK CloudFormation Ansible OPA

🔁 CI/CD & GitOps

GitHub Actions GitLab CI Azure DevOps Argo CD Flux Jenkins

📡 Messaging & Integration

Kafka SQS EventBridge Step Functions Apigee Camunda

🔭 Observability & AIOps

OpenTelemetry Prometheus Grafana Loki Dynatrace New Relic PagerDuty

🔐 Security by Design

Zero Trust IAM KMS Vault cosign WAF


$ git log --oneline --selected-projects

📦 FinOps Automation — CUR + Athena + Glue + PDF Insights

Automated cost ingestion pipeline with serverless ETL and executive-grade reporting.

✔ CUR ingestion → Glue ETL → Athena queries → scheduled Lambda exports
✔ Cost allocation by tag/account | rightsizing suggestions
✔ Savings Plans / RIs coverage | monthly deltas and KPIs
✔ PDF/HTML insights auto-delivered to stakeholders

🔗 thiagorpantoja/finops-automation


📦 Chatwoot on ECS Fargate — Multi-tenant + ALB + WAF

Production-grade multi-tenant deployment with security and observability baked in.

✔ ECS Fargate + RDS + Redis | ALB rules per host | WAF + TLS 1.2/1.3
✔ Blue/green ready | autoscaling policies | least-privilege IAM + KMS
✔ Full observability pack included

🔗 thiagorpantoja/chatwoot-ecs


📦 EKS Blueprints + Karpenter — SLO-first Platform

Reference platform for app teams with golden paths, guardrails, and SLOs from day one.

✔ EKS + Karpenter | OTel + Prometheus + Grafana + Loki
✔ IDP/Backstage onboarding | PR environment previews
✔ Golden Paths templates | self-service with guardrails

🔗 thiagorpantoja/eks-blueprints-slo


$ metrics --impact

Metric Reference Value
🏦 Cloud cost reduction via FinOps up to 40%
🚀 Deployment lead time improvement DORA Elite tier
🛡️ Security findings remediation automated & policy-gated
☁️ Clouds managed simultaneously 4 (AWS · Azure · GCP · OCI)
🧩 Platform golden paths delivered catalog-driven, self-service

$ connect --open-to

✅ Complex multi-cloud architecture reviews
✅ Platform Engineering / IDP setup & maturity
✅ FinOps strategy & cost governance programs
✅ DevSecOps pipeline hardening
✅ Staff-level technical mentorship
✅ Consulting & fractional CTO engagements

"Ship fast. Stay secure. Optimize relentlessly."

LinkedIn Email

Popular repositories Loading

  1. SistemaPepsus SistemaPepsus Public

    Forked from tailanefv/SistemaPepsus

    Prontuário Eletrônico do Paciente

    Python 1

  2. SistemaHospitalar SistemaHospitalar Public

    Forked from yasminvic/SistemaHospitalar

    Repositório para Sistema Hospitalar com Prontuário Eletrônico.

    C# 1

  3. Sistema-de-Gerenciamento-Hospitalar Sistema-de-Gerenciamento-Hospitalar Public

    Forked from Kauanesco/Sistema-de-Gerenciamento-Hospitalar

    Sistema de gerenciamento de pacientes, funcionários e prontuários.

    C# 1

  4. rabbitmq rabbitmq Public

    Smarty 1

  5. flutter_laravel_firebase_app flutter_laravel_firebase_app Public

    PHP 1

  6. easynext_finops_gcp easynext_finops_gcp Public

    Python 1