🇺🇸 English | 🇧🇷 Português
📍 São Paulo, Brazil | 🌍 Open to relocation
I design and build production-grade generative AI systems for regulated financial institutions.
My work sits at the intersection of AI engineering, software architecture, security, observability, and regulatory governance. I build the technical platforms that allow organizations to adopt generative AI while maintaining control over identity, data access, model usage, auditability, resilience, and regulatory compliance.
This combination is still relatively uncommon: most professionals focus either on LLM application engineering or governance and policy. I work across both domains, translating regulatory and security requirements into enforceable architectural controls.
I have more than 22 years of experience in the financial industry, including 17 years at Caixa Econômica Federal, where I worked across corporate banking, treasury, regional operations, and national business units.
I later moved into software engineering and artificial intelligence roles at:
- BTG Pactual
- Cast Group, working with Banco do Brasil
- Itaú Unibanco
- ASA SCFI, where I became the company’s first professional dedicated exclusively to artificial intelligence
My experience ranges from banking operations and financial products to software engineering, generative AI architecture, AI governance, security, and enterprise adoption.
Refactored an enterprise banking conversational platform into a hexagonal, observable, and compliance-oriented architecture.
The platform was designed so that security, data protection, traceability, and auditability were structural properties of the system rather than controls added after implementation.
Technical details
- Refactored the platform using hexagonal architecture, with clear separation between domain, application, infrastructure, presentation, and composition-root layers
- Implemented model and conversation-flow orchestration with LangGraph, cognitive routing, and domain-specialized services
- Introduced pseudonymized identity using HMAC-SHA256, with session isolation, thread isolation, and LGPD-oriented data protection
- Designed synchronous and asynchronous multichannel processing with FastAPI, workers, Redis, and Azure Service Bus
- Implemented idempotency controls and persistent checkpoint management
- Added distributed observability with OpenTelemetry and Langfuse
- Standardized structured logging, request correlation, tracing, and automatic PII redaction
- Decoupled authentication from graphs and prompts through a secure Redis-backed context with controlled TTL
- Kept authentication tokens and sensitive credentials outside model context
- Implemented interchangeable feature flags using environment variables or Flagsmith
- Enabled gradual rollouts, controlled experimentation, and operational kill switches
- Applied dependency injection and ports-and-adapters patterns to simplify testing, provider substitution, and independent integration evolution
Designed a compliance-first LangGraph subgraph for investment-related interactions.
The solution combines DSPy-validated routing, Redis-backed retrieval, suitability controls, structured tool execution, and self-correcting responses. Regulatory requirements are enforced before the model receives product options or generates a response.
Technical details
-
Built a custom semantic-routing mechanism with negative-aware scoring
-
Implemented ambiguity detection using per-intent thresholds, an absolute confidence floor, and the score margin between candidates
-
Added automatic routing-cache invalidation through a SHA-256 fingerprint of the intent catalog
-
Defined LLM output contracts with DSPy declarative signatures and Pydantic validation
-
Used strongly typed
RouterOutputmodels withLiteraltypes -
Added a fail-safe coercion layer to absorb output-format drift before any tool execution
-
Implemented response self-correction with
dspy.Refine -
Created a compliance reward function covering mandatory disclaimers, third-person language, avoidance of imperative phrasing, and prohibition of portfolio opinions
-
Regenerated responses until they reached the required compliance score or exhausted the retry budget
-
Implemented a critique node for CVM and ANBIMA requirements
-
Injected mandatory disclaimers before response delivery
-
Enforced suitability on the product shelf before products became visible to the model, following CVM Resolution 30
-
Created a specialized asynchronous
BaseTooltoolset, instantiated dynamically for each interaction -
Supported market-shelf searches with semantic filters
-
Supported individual-asset and consolidated portfolio queries
-
Added on-demand product details and editorial or house-view retrieval
-
Generated PDF reports from conversation state using ReportLab
-
Applied a fat-and-slim Redis Stack data model
-
Indexed lean projections in RediSearch for retrieval and ranking
-
Retrieved full documents with
JSON.GETonly for records that entered the final model context -
Created a
QueryBuilderwith an explicit field taxonomy:TAGfor exact matchesTEXTfor tokenized and fuzzy searchesNUMERICfor range filters
-
Added special-character escaping for RediSearch
-
Enforced mandatory row-level security by CPF in application code, never through model instructions
-
Sanitized RediSearch input against prompt injection and command injection
-
Blocked aggregation and command verbs
-
Rejected control characters and enforced input-length limits
-
Added a wildcard fail-safe for invalid search expressions
-
Implemented anaphora resolution using a bounded entity stack in Redis
-
Applied semantic deduplication and short TTLs to the entity stack
-
Injected resolved entities into queries before DSPy processing
-
Added asynchronous portfolio pre-warming to remove portfolio loading from the first-turn critical path
-
Made initial response latency independent of portfolio size
-
Stored routing metrics in Redis hashes using
HINCRBYand rolling TTLs -
Aggregated metrics safely across multiple workers without centralized coordination
-
Added degradation alarms based on fallback-rate thresholds
Worked on the architecture, governance, and adoption of enterprise generative AI capabilities.
- Claude Code rollout for approximately 250 developers
- Claude Enterprise deployment for approximately 150 business and technology users
- Security hooks for deterministic policy enforcement
- MCP server governance and allowlisting
- Self-hosted AI gateway deployed inside a controlled VPC
- Model-access governance and provider-routing controls
- Standardized auditability and observability requirements
- Internal AI Academy with technical and governance certification tracks
- Architecture and security guidance for AI-assisted software development
- Training materials for developers, business users, architects, and governance teams
My work includes requirements and controls related to:
- BACEN and CMN regulations
- Brazilian General Data Protection Law, or LGPD
- CVM regulations
- ANBIMA guidelines
- European Union Artificial Intelligence Act
- Digital Operational Resilience Act, or DORA
- NIST AI Risk Management Framework
- ISO/IEC 42001
- NIST SP 800-53
- CIS Controls
- MITRE ATLAS
- OWASP guidance for LLM and agentic systems
Reference architecture for an enterprise knowledge assistant with authorization-aware retrieval.
The project demonstrates:
- DSPy-validated semantic routing
- ACL-aware RAG
- Access-control enforcement inside vector search
- Structured-query compilation for RediSearch
- Fat-and-slim Redis data modeling
- Deterministic fake providers for local execution
- Optional integration with DSPy and Groq
- Clean Architecture
- Twelve-Factor configuration
- Automated test coverage
Access control is enforced during retrieval and is never delegated to the language model.
Hands-on Claude Code laboratory built around an educational cryptocurrency portfolio application.
The project demonstrates:
- Claude Code subagents
- Reusable skills
- Deterministic hooks
- Dangerous-command blocking
- Out-of-scope prompt blocking
- Local MCP server integration
- Continuous integration and delivery
- Bilingual documentation in English and Brazilian Portuguese
Reusable Claude Code harness for Python engineering teams.
The project includes:
- Project bootstrap automation
CLAUDE.mdscaffoldingAGENTS.mdscaffolding- Reusable development standards
- Optional MCP governance
- Fail-closed security hooks
- CI-based policy enforcement
- Python quality and security tooling
The project follows a central principle:
Instruction is not control. Policies that must always hold belong in deterministic hooks and CI gates, not only in prompts.
Personal finance SaaS application focused on financial organization, account aggregation, transaction analysis, and intelligent financial insights.
Open-source Model Context Protocol server for the Brazilian Open Finance ecosystem, designed to expose standardized financial capabilities to AI agents through controlled and auditable interfaces.
- LangGraph
- DSPy
- LlamaIndex
- LangChain
- LiteLLM
- Mem0
- Model Context Protocol
- Agent-to-Agent architectures
- Semantic routing
- Retrieval-augmented generation
- Multi-agent orchestration
- Structured tool calling
- LLM evaluation and guardrails
- Microsoft Azure
- Amazon Web Services
- Azure OpenAI
- Amazon Bedrock
- Kubernetes
- Docker
- API gateways
- VPC-based AI infrastructure
- Python
- FastAPI
- PostgreSQL
- Redis Stack
- RediSearch
- RedisJSON
- Qdrant
- pgvector
- SQLAlchemy 2.0
- Pydantic
- Asynchronous processing
- Event-driven architectures
- REST APIs
- React
- Next.js
- TypeScript
- OpenTelemetry
- Langfuse
- Datadog
- Structured logging
- Distributed tracing
- Request correlation
- PII detection and redaction
- LLM Guard
- Zscaler
- Microsoft Entra ID
- Prompt-injection protection
- Model-access governance
- Secrets management
- MCP server governance
NIST AI RMF 1.0 · ISO/IEC 42001:2023 · OWASP LLM Top 10 · OWASP Agentic Security Guidance · NIST SP 800-53r5 · CIS Controls v8.1 · MITRE ATLAS
uvpyproject.tomlruffmypy --strictimport-linterpytestpydanticbanditpip-audit- Clean Architecture
- Hexagonal Architecture
- SOLID principles
- Twelve-Factor applications
- Dependency injection
- Idempotent processing
- Enterprise generative AI platforms
- AI architecture for financial institutions
- Agentic AI systems
- Multi-agent orchestration
- Model Context Protocol
- Agent-to-Agent communication
- Secure AI-assisted software development
- LLM application security
- Authorization-aware RAG
- AI observability and evaluation
- AI governance and regulatory compliance
- Enterprise adoption of coding agents
- Responsible AI engineering
I am open to opportunities such as:
- Staff AI Engineer
- Principal AI Engineer
- Generative AI Architect
- AI Platform Architect
- AI Governance Architect
- AI Security Architect
I am particularly interested in roles that combine engineering with architecture, security, governance, and enterprise-scale AI adoption.

