CISO

About Rauva:

Rauva is Portugal’s first all-in-one platform designed for business owners and entrepreneurs to start, run, and grow their businesses. From opening a business account and managing certified invoicing, expenses, and payments to accessing expert accounting services, Rauva brings everything you need into one single place.

Combining cutting-edge technology with personalized human support, we simplify daily business finances, so entrepreneurs can focus on what truly matters — growing their business. And this is just the beginning, as we're in the process of acquiring the bank Montepio Empresas.

Our achievements say it all:

• Awarded Mastercard For Fintechs Europe 2024
• Winner of the Banking Tech Awards 2024
• Recognized in the Technology Fast 50 2024 by Deloitte
• Winner of the Prémio Navegantes XXI 2024
• Selected by Banco de Portugal for the Finlab Portugal program
• Selected by Unicorn Factory Lisboa
• Honoured as the Tech Innovator in Portugal 2023 by KPMG

Rauva was founded just two years ago in Lisbon, Portugal, and we’ve been on an incredible growth journey ever since. Our team has expanded rapidly, from 40 members last year to 100 today, representing over 10 nationalities and proudly maintaining a workforce that is 47% female.

Your work at Rauva will directly impact thousands of entrepreneurs, as you collaborate with a passionate team of innovators to create cutting-edge, user-focused products that are transforming the future of Portuguese businesses.

Your Responsibilities:

Governance & Policy Management

• Establish and maintain security policies, standards, and guidelines aligned with leading frameworks (ISO 27001, PCI DSS).

• Communicate and enforce these policies across Rauva.

Regulatory Compliance & DORA Readiness

• Serve as the main liaison with auditors and regulators, demonstrating Rauva’s DORA compliance and overall operational resilience.

• Collaborate with the Risk and Compliance teams to implement and maintain robust security controls.

Risk Management & Operational Resilience

• Implement risk frameworks that balance security needs with business objectives.

• Continuously monitor the threat landscape and adapt security measures proactively.

• Integrate DORA guidelines into existing risk management processes, ensuring operational resilience is woven into all IT and cybersecurity activities.

Security Operations

• Lead day-to-day security tasks: threat monitoring, incident detection, and response.

• Oversee advanced security technologies (SIEM, IDS/IPS, EDR, etc.) and manage security partners.

• Conduct post-incident reviews to identify lessons learned and enhance processes.

Team Leadership & Collaboration

• Recruit, mentor, and manage a high-performing cybersecurity team.

• Work closely with the Head of ICT, DevOps, and Product leads to implement secure design principles.

• Champion a cross-departmental culture of shared security accountability.

Reporting & Metrics

• Define and track KPIs/KRIs related to security, risk, and operational resilience.

• Provide regular updates to the Executive Committee and the Board.

• Maintain clear, thorough documentation for audits and management reviews.

Key Focus Areas

1. Security Governance & Strategy

• Define and communicate a clear, actionable information security vision, strategy, and roadmap.

• Continuously assess and improve security posture to align with Rauva’s long-term goals.

2. Regulatory Compliance & DORA Alignment

• Ensure compliance with EU banking regulations, GDPR, and DORA requirements for operational resilience in financial services.

• Collaborate with relevant internal teams and regulatory bodies (e.g., Bank of Portugal) to ensure Rauva remains fully compliant with evolving norms.

3. Risk Management & Incident Response

• Identify, assess, and prioritize information security risks, including cyber threats and operational vulnerabilities.

• Develop and lead an incident response plan to quickly address, contain, and remediate security breaches.

4. Security Operations & Architecture

• Oversee vulnerability management, penetration testing, and threat intelligence initiatives.

• Partner with ICT, DevOps, and Product teams to embed security best practices into all systems and applications.

5. Security Culture & Training

• Foster a “security-first” mindset across all departments.

• Implement security awareness programs, ensuring every employee understands their role in protecting Rauva’s data and infrastructure.

What’s Your Ideal Background?

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field. Advanced degrees or certifications (e.g., CISSP, CISM, CISA) are a plus.

• 7–10 years in cybersecurity or information security, with at least 3 years in a leadership role—preferably within European banking or fintech.

• Strong working knowledge of EU regulations including GDPR, PSD2, and DORA (Digital Operational Resilience Act).

• Hands-on expertise in incident response, risk assessment, and compliance management.

• Proficiency with security technologies (SIEM, IDS, WAF, EDR, etc.).

• Demonstrated ability to liaise with senior management, regulators, and auditors.

• Exceptional communication skills in English and Portuguese, able to translate complex security concepts for diverse audiences.

• Proven leadership abilities with a passion for fostering collaborative, high-trust teams.

• Self-starter who thrives in a dynamic startup environment, comfortable with evolving priorities.

What we can offer you:

• Remote Policy: Work from home or our office in Lisbon according to Rauva’s remote work policy
• Competitive Salary above the industry average
• Meal Allowance
• Leadership Opportunities (chances to lead projects and teams)
• Enjoy off-site events and getaways to build a strong sense of community
• Access to the latest accounting software and tools
• Opportunities to advance within a rapidly expanding organization that aims to be present throughout Southern Europe in the very near future.

The Hiring Process for This Role:

1. MBTI Test

2. 1st Interview: Intro call with People team for culture fit

3. 2nd Interview: Interview with the CTO

4. 3rd Interview: Interview with the CRO

5. Competencies & Technical Assessment

6. Job Offer

Join the Rauva mission to make entrepreneurship easily accessible to everyone.

Be part of Rauva’s mission to make entrepreneurship easily accessible to everyone.

If you’re driven about innovation, excel in a fast-paced startup environment, and want to be involved in impactful solutions, Rauva is the place for you. Join us in shaping the future of banking and enabling SMEs to grow and succeed across Europe. 

Be part of a groundbreaking journey where innovation meets impact, and help us create something truly pioneer.