Chief Information Security Officer (CISO)

Job description

“One of Castor’s core values is to: ‘Act responsibly and protect the data’. Our customers trust us with some of the world’s most valuable research data and expect us to keep it secure. You will lead our security efforts and ensure our ISO27001 ISMS can support our global expansion.”

Rob Konterman, COO.

Who is Castor?

Castor is a leading cloud-based clinical data platform working with some of the world’s largest pharmaceutical companies, medical device companies, biopharmas, and renowned academic institutes.

We simplify the clinical trial process, from recruitment to analysis, with user-friendly, patient-centric technology. Our mission is to bring medical research into the digital age. Why? Because medical research is still largely run using free-text, paper, and legacy technology.

Our self-service platform enables our users to run remote (decentralized), device enabled, patient-centric trials. By helping our users capture high-quality data and making it machine-readable, we are fundamentally changing the flawed evidence-based medicine process.

How is Castor supporting the Coronavirus crisis?

Castor has joined the global fight against the Coronavirus by making our research data capture system available for free for all COVID-19 research projects. Castor is supporting more than 200 COVID-19 studies across the world, including the World Health Organization’s SOLIDARITY trial.

What you’ll do

Castor is a growing start-up that is scaling from 90 to 140 employees by the end of this year. As the first dedicated security Castorian, we expect you to play both a strategic and hands-on role. This means you will be building strategic business cases for security investments but also implementing operating procedures yourself. You will work closely with Compliance, Quality Assurance, and our Platform team (total 10 FTE) and directly manage our Local System Administrator. You will take care of:

  • Managing information security compliance and associated audits (e.g. ISO27001, HIPAA);
  • Collaborating with the platform team on the selection and implementation of security measures such as intrusion detection, vulnerability management, and SIEM services;
  • Leading the cross-functional response to security incidents on a 24x7 basis;
  • Communicating our security capabilities and measures to prospects and customers;

What you’ll bring

You will play both a strategic and hands-on role in a growing company, initially operating at a Senior Manager level. You’ll be successful by being:

  • Certified Information Systems Security Professional (CISSP) or you intend to obtain this within 6 months;
  • Familiar with information security standards such as ISO/IEC 27001 and/or SOC2 and have at least 3 years of experience implementing and/or maintaining these standards;
  • Excellent with your communication skills, feeling comfortable in writing comprehensive policy and procedural documentation in English;
  • Proven in your ability to work with stakeholders in a startup environment.

What you’ll learn

It’s a crucial time for Castor. We’re on ‘full power mode’ and scaling-up at an exponential rate. For you, the opportunities are endless:

  • Take charge as ‘chief’ leading security at a company that carries security in their DNA;
  • Be involved in maximizing the impact of medical research through global reuse of data;
  • Work tightly with the security experts on our Platform team to optimize our security;
  • Use your security expertise to infuse our Engineering teams with the knowledge to develop securely

What you'll get

At Castor we truly live and breathe our core values, believing we can achieve anything with a healthy and happy team.' With this in mind, we offer the following benefits:

  • A flexible, office-based, and partly remote working opportunity
  • A competitive salary and a guaranteed 'happy holidays' bonus
  • 30 days annual leave (plus national holiday days)
  • Interested in ‘lifelong learning’? You’ll love using our development and training budget
  • Flexible approach to working - nobody is tracking your time
  • A MacBook or Dell laptop, we’re a tech start-up after all ;)
  • Like to feel zen? You’ll love our company subscription to Calm for meditation and yoga


Our current CISO and Site Reliability Engineer, Nick Groenen, who is transferring to a full-time Site Reliability Engineer role, in his latest blog shares insights on information security challenges and growth opportunities at Castor. Check it here!

Want to know more? Check out the role profile for some further insights, or apply now!

Castor continues to grow as an Equal Opportunities Employer. We strongly encourage applications from women, people of colour, and people from the LGBTQ(+) community. In your application, please feel free to share the pronouns you use (for example, she/her/hers, he/him/his, they/them/theirs, etc.).