1. Digital Health Jobs
  2. Caspar Health

Head of Information Security / CISO (all identities)

Posted on May 27, 2025 (7 days ago)

Job description

What To Expect

Caspar Health was founded in 2016 and is a digital clinic with a vision to provide effective healthcare to everyone everywhere. This is your chance to reshape traditional healthcare concepts in prevention and rehabilitation, allowing people to receive the best care during and after hospital stays regardless of time and place.
Our highly motivated team works daily to integrate healthcare and technology to benefit our patients and improve the healthcare system through innovation.
As Head of Information Security / CISO (all identities) at Caspar, you will ensure readiness for ISO 27001 and GDPR audits and that our infrastructure is up-to-date with cybersecurity standards. If you want to contribute to transforming healthcare, apply to become a Casparian.

Your Challenges

  • Support management in aligning Caspar Health towards building a security-focused environment
  • Train employees directly and help them meet ISMS requirements efficiently and sustainably in business processes
  • Take responsibility for annual ISO 27001 audits
  • Ensure the organization has optimal incident management, real-time vulnerability management, and cyber defense
  • Be fully responsible for all ISMS and cybersecurity topics
  • Collaborate closely with executives, tech department, legal, and quality management
  • Monitor security landscape, advise system and infrastructure department heads on automated cybersecurity, endpoint security, asset management, and GDPR requirements
  • Define and monitor progress of security concept implementation
  • Support staff with ISMS-related standard operating procedures (SOPs)
  • Work closely with the tech department (DevOps, SecOps, SysAdmin) on configuration and troubleshooting of information security infrastructure devices and systems
  • Ensure swift and broad dissemination of security incident information and prevention methods within the company
  • Make data security part of Caspar's DNA
  • Drive investigation and mitigation processes for security incidents
  • Write reports with assessment-based insights, results, and suggestions for system and data security improvements

Your Profile

  • Extensive leadership experience in a similar role with software company background
  • Experience as network engineer, information security engineer, or system engineer in medium-sized company (100-500 full-time employees)
  • Trained employees on system and data security practices, established strong security awareness
  • Deep understanding of regulatory requirements (ISMS, PCI-DSS, ISO 27001) with certification and audit experience, guiding external auditors and building relationships
  • Experience in regulated industries like healthcare, pharma, finance, or public sector
  • Ability to develop and implement comprehensive security strategies aligned with business goals
  • Excellent communication, clarifying security needs and supporting optimal and automated ISMS and GDPR compliance methods
  • Strong risk management expertise with effective risk assessment and prioritization skills
  • In-depth knowledge of cybersecurity principles, standards, frameworks (e.g., ISO 27001, NIST, CIS Controls)
  • Expertise in network, OS, and cloud security; knowledge of security systems like firewalls, IDS/IPS, AV & EDR, URL filtering, scanning, risk assessment, forensic tools
  • Comprehensive understanding of security principles, protocols, and attack vectors including XSS, Injection, DoS, Hijacking, Social Engineering
  • Fluency in German and English, both written and spoken
  • Preferably certified CISSP, CCSP, OSCP, or similar

Why Caspar Health?

  • Remote-first with flexible working hours – office optional in Berlin Mitte or 90 days per year outside Germany
  • Monthly home office allowance and meal subsidy
  • 30 days of vacation per year
  • Budget for continuing education, conferences, and coaching tailored to your potential and development
  • High responsibility and decision-making freedom: no micromanagement, hiring experts who know their craft #MakeAnImpact!
  • True collaboration: no silos, no ego – united by a shared vision #ValueFocus!
  • Access to Caspar's mental and physical health offerings #HealthyTogether!
  • All snack wishes fulfilled, joint sports sessions, an always stocked beverage fridge, and a good sense of humor

Team Culture

  • Diversity is everyday life, not just a label
  • Feedback is part of culture, not just a tool
  • Technology only makes sense if it helps people
  • Driven by purpose with professionalism

How to Apply

Your contact is Dana Kussatz, Talent Acquisition Expert. They are interested in your earliest possible starting date and salary expectations. For further questions, contact [email protected]. They will get back to you as soon as possible.
Please apply exclusively via the application link to ensure data protection. Privacy policy link is provided in the post.
You can also apply directly on the company's website.

How to apply

How to Apply

Your contact is Dana Kussatz, Talent Acquisition Expert. They are interested in your earliest possible starting date and salary expectations. For further questions, contact [email protected]. They will get back to you as soon as possible.
Please apply exclusively via the application link to ensure data protection. Privacy policy link is provided in the post.
You can also apply directly on the company's website.