Charles de Freitas
Amateur photographer, Badminton, Gaming, Supping + a bit of engineering
Work
- Architected multi-tenant AWS foundation with organisational units, OIDC identity workflows, and least-privilege IAM roles with permission boundaries across trading desks.
- Implemented Cloud WAN global network architecture with site-to-site VPNs, inbound DNS resolvers, and out-of-band access for hybrid on-premises infrastructure.
- Architected and developed declarative CI/CD framework using Python and HCL configuration language, supporting multi-tenant deployments with profile-based execution (Terraform, Docker, Python, C++), target matrix expansion, and dependency orchestration across AWS accounts/regions.
- Built framework with advanced capabilities including artifact cross-references between profiles, AWS Organizations integration, variable precedence systems, and promotion workflows with topological dependency resolution for trading system deployments.
- Built comprehensive platform services including SSM-managed instances, Session Manager access, managed Kafka, GitHub Actions runners, and Step Functions/ECS workflows.
- Established application distribution platform supporting AWS Lambda, container runtimes, and bare-metal deployments with pull-through caching and artifact management for trading systems.
- Architected data platform supporting push and pull market data sources using Apache Iceberg storage, AWS Lambda/ECS ETL pipelines, enabling historical dataset provision for quantitative research and ML model training.
- Designed zero-trust access control spanning cloud environments, collocated servers, and internal applications using SSO, AWS Session Manager, and Cloudflare Access.
- Built and maintained production-grade real-time alerting system for trading platforms (3+ years in production) with advanced routing logic and multi-sink event distribution to Slack and historical analytics.
- Implemented comprehensive observability stack with CloudWatch metrics/alarms, Grafana dashboards, and log archiving for SRE operations.
- Managed secrets infrastructure across OnePassword and AWS, implementing workload-specific roles for low-latency trading applications.
- Migrated legacy Jenkins/Terraform Cloud infrastructure to modern OIDC-based workflows, reducing operational complexity and improving security posture.
- Delivered technical compliance for Remote Gambling and Software Technical Standards (RTS) audit.
- Developing a SaaS solution - incorporating a Java, Golang and React stack
- Designing and implementing CI/CD for all components of the SaaS solution
- Delivering training to 500+ 10-17 year olds, introducing them to a range of current cyber-security topics.
- Facilitating lab activities and acting as point of contact with guest speakers.
Education
- 76% Masters Project - An Extensible Framework For Portable And Distributed Packet Capture
- 87% Computer Security
- 84% Team Project (Game development)
- 74% Mobile and Ubiquitous Computing
- 73% Computer Systems and Architecture
- 72% Computational Vision
- 71% Intelligent Robotics
- A Computer Science
- A Mathematics
- B Further Maths
- 9 GCSEs grade A-C, including Maths and English
Volunteer
- Helping to plan and organise an in person 24 hour hackathon with 250+ attendees.
- In 2020 moving online with over 700 attendees.
- Organisation of guest speakers across the extended online event.
- Tech lead for software developed to improve engagement at an online event.
- Company bookkeeping.
- Designed and built a cloud based platform to provide easy access to developer tools.
- Gave a workshop on the basics of web scraping.
- Developed a suite of bots for Discord to improve management and engagement at an online event.
Skills
Terraform
Docker
Git
Ansible
Kubernetes
Golang
Java
Python
Linux
Networking
Automation & Provisioning
AWS
GCP
Bash
HTML
CSS
Javascript
React