DevOps / Platform Lead (Cloudflare-first) — Reliability + IT Ops (Light Helpdesk) — E-commerce
Campinas, SP (base) | Hybrid (Brazil — 3 days/week in-office in Campinas-SP)
CLT | Full-time
Easy Apply (LinkedIn) | Resume required (PDF)
About firmly
firmly solutions turn moments of product discovery (AI, social, content, ads, messaging, etc.) into instant purchases through its agentic commerce platform — with fast, embedded checkout and a strong focus on security and reliability.
The role
We're looking for a
highly accomplished DevOps / Platform Lead
to own reliability, delivery, and platform foundations for mission-critical commerce and checkout systems in a
Cloudflare-first (edge/serverless)
environment. You'll set the standard for how we build, ship, observe, secure, and operate production systems—enabling teams to move fast with confidence.
You'll also own
Corporate IT operations
, including
light helpdesk
(user setups, access, device configuration), while prioritizing automation and self-service to keep support scalable (approx.
70% Platform/Reliability, 30% IT Ops
).
This is a hybrid role with 3 days per week in-office in Campinas-SP.
What you'll do (Platform / DevOps / Reliability)
* Own and evolve our
Cloudflare-first platform
, including
Workers
and related services (e.g.,
KV, Durable Objects, Queues, R2, D1
— as applicable).
* Lead our
Infrastructure as Code
practice – owning the approach, tooling, and standards (tool-agnostic), with strong reviewability, repeatability, and secure-by-default controls.
* Own
Cloudflare tooling and automation
(
Wrangler
, CI/CD integration, environment management, secrets, rollouts).
* Build and continuously improve
CI/CD pipelines
, release processes, and deployment safety (staged rollouts, canary/blue-green patterns where applicable, fast rollback).
* Drive
observability
(logs/metrics/tracing), define and operationalize
SLOs/SLIs
, improve alerting quality, and raise on-call readiness ("you build it, you run it").
* Lead incident practices: triage, comms,
blameless postmortems
, and prevention plans that measurably reduce repeat incidents.
* Strengthen security posture across systems:
least privilege
, secrets management, secure configuration, and secure-by-default standards.
* Improve performance and resilience across edge/serverless systems: latency, caching strategy, rate limiting, backoff/retries, graceful degradation.
* Own operational standards: runbooks, reliability reviews, and DR/backup strategy (as applicable to the architecture).
What you'll do (Corporate IT, IT Operations & Light Helpdesk — scoped)
* Own
identity & access
for corporate tools (SSO/MFA, access reviews, joiner/mover/leaver processes; least privilege).
* Provide
light helpdesk support
for user setup and common requests (accounts, permissions, device setup, basic troubleshooting), with a focus on
fast resolution and clear escalation
.
* Manage
onboarding/offboarding
end-to-end (laptops, accounts, tool access, checklists) and keep documentation current.
* Administer core
SaaS tools
and coordinate vendor support when needed.
* Own lightweight
IT Operations
: request intake/triage, SLAs, ticket hygiene, and reducing repeat issues through automation.
* Maintain baseline
endpoint and security hygiene
(patching expectations, MDM/endpoint controls if applicable, secure configs).
* Support
network access operations
where applicable (VPN/Zero Trust policies, access rules, Wi-Fi office setup).
* Maintain
asset and license inventory
, and streamline procurement/renewals (devices, peripherals, licenses).
* Reduce support load by building
self-serve
resources and automation (templates, scripts, runbooks, tools, onboarding flows).
What we're looking for
* 8+ years
in DevOps/SRE/Platform Engineering, including leading initiatives and mentoring engineers.
* Proven track record operating
production systems
with strong uptime, latency, and security requirements.
* Strong experience with
Infrastructure as Code
and Git-based workflows (code reviews, modules, multi-environment setups).
* Strong experience with
CI/CD
and safe delivery practices (quality gates, staged deploys, fast rollback).
* Strong
observability and incident management
skills (logs/metrics/tracing, SLOs, alert tuning, postmortems).
* Strong security fundamentals (authN/authZ, secrets management, least privilege, secure-by-default design).
* Experience running production workloads on Cloudflare—especially Workers—is strongly preferred; equivalent serverless/edge experience is also welcome, with willingness to ramp up quickly on Cloudflare.
* Comfort owning
Corporate IT/IT Ops
in a lean environment, including light helpdesk, with a strong bias toward automation and scalable processes.
* Excellent communication and leadership—able to influence engineering habits and architecture across teams.
* Advanced English (spoken and written)
— you'll collaborate with a global team in English.
* Ability to work in a hybrid model: 3 days/week in our Campinas-SP office.
Bonus points
* Experience with
e-commerce
, checkout, payments, fraud/risk, or other mission-critical transaction systems.
* Cloudflare security/performance:
WAF, DDoS, bot management, rate limiting, caching/CDN strategy
.
* Event-driven architectures, async processing, queues/streams (including edge patterns).
* Experience implementing
SSO/IdP
(Okta, Google Workspace, Azure AD) and endpoint management/MDM practices.
* Internal developer platform / developer experience (golden paths, templates, paved roads, self-service tooling).
* Cost optimization mindset (FinOps) for serverless/edge workloads.
Benefits & growth
* Unimed Nacional health plan (coverage for spouse/partner and children)
* Meal and food allowance (VR/VA)
* Life insurance
* UniOdonto dental plan
* Career growth & advancement opportunities (mentorship, ownership, room to grow with the team)
* Clear growth path (regular feedback and performance cycles)
* Ownership & autonomy (high-impact work, end-to-end responsibility)
* Learning & development support
How to apply
Click Easy Apply on LinkedIn and attach your resume (PDF).
Tip: parts of the interview process may be conducted in English.