João Pedro Gonçalves

CISO | Deal Sourcing & Value Creation @ EQT

15+ years experience

EQT Group

A purpose-driven global investment organization. EQT has a 30-year track record of delivering consistent and attractive returns across multiple geographies.

<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/44219414-14d3-450d-b24a-f147834d9e0a/1x1-ffffff7f.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/44219414-14d3-450d-b24a-f147834d9e0a/1x1-ffffff7f.png" width="40px" /> As the CISO at EQT Group, I lead the Cyber Security Acceleration Program, driving the implementation of cybersecurity technologies and processes to enhance security maturity. I advise deal teams and portfolio companies on cybersecurity strategies, support Ventures, Growth, and PE teams in deal sourcing, and conduct due diligence and cyber assessments for strategic initiatives. I also engage in cybersecurity think tanks, monitoring emerging technologies and market trends. Additionally, I oversee site reliability engineering to ensure the scalability and seamless operation of EQT’s critical infrastructure, continuously driving innovation.

</aside>

• Chief Information Security Officer (& Managing Director) @ EQT Group

   2019/02 - Present 🇸🇪
  

• Heading the Security Platform Engineering Team (& Managing Director) @ EQT Group

   2021/04 - Present 🇸🇪
  

Qliro

Qliro is a leading fintech company offering safe and simple digital payment solutions, including a complete check-out to e-merchants.

<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/44219414-14d3-450d-b24a-f147834d9e0a/1x1-ffffff7f.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/44219414-14d3-450d-b24a-f147834d9e0a/1x1-ffffff7f.png" width="40px" /> Successfully established and led the information security and risk management department at Qliro AB from the ground up, implementing comprehensive security frameworks, governance structures, and operational processes to protect the company's digital assets and ensure regulatory compliance in the fintech sector.

</aside>

• Head of Information Security and Risk Management @ Qliro

   2017/04 - 2019/02 🇸🇪
  

• Information Security Risk Officer @ Qliro

   2016/07 - 2017/03 🇸🇪
  

EY (Ernst & Young)

Ernst & Young Global Limited, trading as EY, is a multinational professional services partnership. EY is one of the largest professional services networks in the world.

<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/44219414-14d3-450d-b24a-f147834d9e0a/1x1-ffffff7f.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/44219414-14d3-450d-b24a-f147834d9e0a/1x1-ffffff7f.png" width="40px" /> I was engaged in multiples roles: auditing SOX S&P 500 firms, advising in cybersecurity strategy and operational processes, IPOs (i.e Spotify) and IT risk management assessments. Audited by the PCAOB without findings.

</aside>

• Manager at IT Advisory services @ EY

   2014/09 - 2016/06 🇸🇪
  

• Senior Consultant @ EY

   2012/09 - 2014/08 🇸🇪
  

• Senior Consultant @ EY

   2009/09 - 2012/09 🇵🇹🇦🇴
  

Early Career

• Researcher and Consultant @ INOV

   2008 - 2009 🇵🇹
  

• Founder & President of Relationship Group with other Universities and Organisations @ IST University

   2007 - 2008 🇵🇹
  

• Intern at Distributed Systems Group @ INESC-ID

   2004 - 2006 🇵🇹
  

<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/037e3885-db26-48b5-ad17-1f1f976f8f55/mailbox-closed-flag-up.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/037e3885-db26-48b5-ad17-1f1f976f8f55/mailbox-closed-flag-up.png" width="40px" /> Contacts 𝕏/@joaosobral in/@joaosobral

</aside>

<aside> <img src="/icons/computer-chip_gray.svg" alt="/icons/computer-chip_gray.svg" width="40px" /> Bio

As an experienced technology leader, I've driven cybersecurity, digital transformation, and innovation in various industries. I led EQT's digital transformation, establishing it as an industry leader. I've contributed significantly to high-profile IPOs like Spotify and EQT AB, participated in M&As, and managed several incidents and crises.

My expertise in cybersecurity, technology leadership, architecture, and automation has gained me recognition, including the 2024 EY Risk Transformation award in Digital and AI Transformation.

</aside>

<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/4c7ffb4c-76ab-4ee3-bbb1-0701a479c94b/chat.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/4c7ffb4c-76ab-4ee3-bbb1-0701a479c94b/chat.png" width="40px" /> **Languages

🇬🇧** English (C2, Proficient) 🇵🇹 Portuguese (C2, Native) 🇪🇸 Spanish (B2, Upper Intermediate) 🇸🇪 Swedish (A2, Elementary)

</aside>

<aside> <img src="/icons/arrivals_gray.svg" alt="/icons/arrivals_gray.svg" width="40px" /> **Countries were I worked, at least, more than 3 months

🏴󠁧󠁢󠁥󠁮󠁧󠁿** England (London) 🇵🇹 Portugal (Lisbon, Porto) 🇦🇴 Angola (Luanda) 🇸🇪 Sweden (Stockholm)

</aside>

<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/f1e0c265-3dce-4d87-b738-85fbcdf063cd/classroom.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/f1e0c265-3dce-4d87-b738-85fbcdf063cd/classroom.png" width="40px" /> **Education

MIT Sloan School of Management, Executive Ed.**

• Generative Artificial Intelligence: Applied Generative AI for Digital Transformation (June 2024 - July 2024)

Saïd Business School, University of Oxford

• Private Markets Investments Programme advanced knowledge and skills in private equity and debt (February - March 2023)

Information Systems Audit and Control Association, ISACA

• Certified Information Systems Auditor, is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems. (March 2013)

Instituto Superior Técnico, Lisbon

• MsC, Computer Science and Engineering - Major Information Systems and Minor Software Development (2007 - 2009)
• BsC, Computer Science and Engineering (2003 - 2007)

University of Cambridge

• First Certificate in English B2 (2003)

Other certifications

• APMG, ITIL V3 Foundation (2011)
• British Standards Institution, ISO/IEC 27001:2005 (2009) </aside>

<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/619abd41-5881-4d34-8892-42e0586286c4/podium-with-speaker.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/707dc589-6f14-4c7b-a2f0-8b0b1a018456/619abd41-5881-4d34-8892-42e0586286c4/podium-with-speaker.png" width="40px" /> **Selected Publications, Talks & Awards

Papers**

• Ten Key Insights for Informed Cyber Oversight
• Reporting Cyber Risk to Boards. CISO Edition
• Master Thesis, Integrating Organizational Design and Architecture: A Case Study

Talks

• Future of Threat Intelligence (2024)
• The CISO Experience (2022)

Awards / Mentions

• EY Nordic Risk Transformation Awards, category of Digital and AI transformation (2024)
• EQT in the 99th percentile of the S&P 500 Global ESG Score, Cybersecurity domain for alternative investments. (2024) </aside>