Raf Almeida

European Information Security Leader | Identity & Cyber Resilience at Scale | Enabling Secure Operations Across 20+ Countries | Board-level Risk

Marinha Grande, Leiria, Portugal

About

European Security & Corporate Technology Leader operating at CISO level, responsible for securing and enabling large-scale, complex, multi-entity environments across 20+ European countries. I don’t see Security and Corporate IT as separate functions. I see them as business capabilities that must work together to create resilient, scalable and trusted organisations. My role is to ensure people, technology and operations can continue to perform, even under pressure, disruption or cyber threat. Protect value. Maintain trust. Enable the business to move with confidence. I lead security, corporate technology and operational resilience across international environments, combining cybersecurity, identity, workplace technology, cloud governance and business continuity into a single strategic vision. In modern organisations, identity has become the perimeter. I lead identity-centric operating models based on Zero Trust principles, ensuring access is secure, observable and resilient across cloud, SaaS and hybrid ecosystems. At the same time, Corporate IT must enable productivity, collaboration and simplicity at scale. I work to modernise environments, reduce operational friction and create secure digital workplaces that support business growth without compromising resilience. I work closely with executive leadership and boards to translate technology and cyber risk into clear business decisions, prioritised investments and measurable operational outcomes. I lead incident response, crisis management and recovery capabilities at scale, ensuring organisations are prepared not only to prevent disruption, but also to respond and recover effectively when risk materialises. Across highly regulated and critical sectors, I align security and operational practices with frameworks such as NIS2, DORA, ISO 27001, TISAX and DFARS, not as compliance exercises, but as mechanisms to build structured, sustainable resilience. I drive transformation initiatives that simplify technology landscapes, strengthen security posture and improve operational maturity, always balancing risk, speed, user experience and business priorities. Technology and security should not slow organisations down. When designed well, they become invisible enablers of trust, resilience and growth.

Experience

  • European Information Security Lead at BCA Europe
    Jul 2025 - Present · 1 yr 1 mo

    Accountable for protecting business value and operational continuity across 20 European countries and 3 business units, owning enterprise cyber risk as a core business concern and supporting executive and board-level decision making. Information security is governed through a robust ISMS, supported by clear policies and standards that enable secure growth, regulatory compliance, and operational consistency across regions. The security strategy is preventive by design, strengthening the organization through cyber hygiene, security by design, and the development of a strong human firewall. Recognizing that zero risk does not exist, the focus extends to rapid detection, response, and recovery, ensuring resilience, continuity, and minimized financial and reputational impact

  • Head of IS at Shared Service Center de Lisbon, nearshore to France and Belgium at Inetum
    Sep 2022 - Jul 2025 · 2 yrs 11 mos

    Led high-performance teams managing enterprise datacenter and cloud infrastructure across Europe, covering networks, cybersecurity, storage, virtualization, operating systems, databases, and cloud platforms. Scaled the organization from 55 to 130 professionals, evolving the center to a dedicated client delivery model and significantly increasing service maturity, resilience, and delivery capacity across Run and Build activities from L1 to L3. Accountable for operational resilience, service continuity, and risk management, with ownership of delivery models involving architects, service managers, delivery managers, and project managers, while leading executive stakeholders in Belgium and France. Acted as taskforce lead for critical situations involving major enterprise clients, driving rapid decision-making, crisis response, and service recovery under high business pressure. The Lisbon Shared Service Center became one of Inetum’s fastest-growing and best-performing datacenter infrastructure service centers in Europe, recognized for delivery quality, scalability, and client satisfaction. Focused on driving sustainable growth, operational excellence, regulatory compliance, SLA and KPI governance, budget ownership, and people-centered leadership, ensuring alignment between infrastructure operations, cybersecurity, and business objectives.

  • IBEROMOLDES Group SGPS (13 yrs 7 mos)
    • Executive Board Member - Iberomoldes ACE
      Oct 2011 - Aug 2022 · 10 yrs 11 mos

      Member of the Executive Board, contributing to strategic decision-making at group level, including digital transformation, risk management, and long-term industrial strategy. Provided executive oversight on information systems, cybersecurity, and operational risk, supporting sustainable growth and international expansion.

    • CIO and CISO
      Feb 2009 - Aug 2022 · 13 yrs 7 mos

      Served as Group CIO and CISO for a multinational industrial group operating across multiple countries and highly demanding sectors, including automotive, aerospace, electronics, and medical devices, with over 1,500 employees and a strong export-oriented footprint. Accountable for enterprise information systems, cybersecurity, and digital strategy across the group, owning cyber risk, operational resilience, and business continuity in complex industrial and manufacturing environments. Led the design, implementation, and governance of group-wide IT and information security architectures, aligning technology, security, and operations with business strategy and industrial requirements. Acted as a trusted advisor to executive leadership, translating technology and cyber risk into business decisions, investment priorities, and long-term transformation initiatives

  • IT Director at Aguas do Minho e Lima - Grupo Aguas de Portugal
    Sep 2004 - Feb 2009 · 4 yrs 6 mos

    Aguas do Minho e Lima It has the responsibility to construct, operate and manage the Multi-System Water Supply and Sanitation Minho- Lima, a project developed by Águas de Portugal and by local councils, serving nearly 300,000 habitants. These municipalities are: Ponte da Barca , Caminha , Melgaço , Monção , Paredes de Coura, Ponte da Barca , Ponte de Lima , Valencia, Viana do Castelo and Vila Nova de Cerveira . Top Goals: - Implementation VoIP system over ADSL first in Portugal - Implementation GPRS system, multi point – multi point frist in Portugal, to support 250 automation infrastructures - Modeling process of business core and optimization in software application - IportalDoc implementation

  • Pre-Sales | System Architect | Project Management Manager | PMO implemention at Tecnidata
    Sep 2000 - Aug 2004 · 4 yrs

    Senior leadership roles in a leading technology company (1,400 professionals). • Head of PMO and Director of Pre-Sales and Project Management. • Led strategic clients, multi-vendor teams, contracts, and partnerships. • Delivered critical projects within scope, time, and budget. Highlights • Representative at HP Competence Center (Stuttgart). • IBM Top Gun participant. • IT coordination for EURO 2004 press systems. • Led Microsoft Gold Projects for Mota-Engil, Unicer, and Aenor. • 50+ certifications across HP, IBM, Cisco, Microsoft, and VMware.