Senior Engineer, Product Cybersecurity Systems

Who we are

In a life without sound our work provides meaning. As a leading provider of innovative hearing care solutions we are not just a company that makes products: we are a team on a mission to help people enjoy the delight of hearing. To enable a life without limitations through our core business brands Advanced Bionics Audiological Care Phonak Sennheiser (under license) and Unitron we develop manufacture and distribute solutions that push the limits of technology and redefine the future of our industry.

Valencia CA Hybrid

Senior Engineer Product Cyber Security Systems

The Senior Product Cyber Security Systems Engineer role focuses on supporting the cyber security efforts for products and end-consumer services brought to the market by Advanced collaboration with Sonovas Product Cyber Security Center of Expertise this position helps maintain robust product security practices ensuring that products are protected against cyber security threats and compliant with regulatory requirements.

Responsibilities:

• Collaborate with product development quality and maintenance teams to integrate cyber security into the secure product development lifecycle.
• Support the implementation of Sonovas cross-divisional product cyber security strategy roadmap and security capabilities.
• Monitor cyber threats regulatory changes and industry trends; conduct security assessments and ensure compliance with relevant standards.
• Define and maintain product security policies requirements standards and processes to mitigate risks and ensure confidentiality integrity and availability.
• Perform security verification activities including design/code reviews vulnerability scanning and penetration testing and manage vulnerability remediation.
• Contribute to DevSecOps automation and maintain security documentation KPIs and quality deliverables.
• Support incident response investigations and security awareness initiatives across the organization.
• Collaborate with internal teams external partners and customers on product security matters.
• Participate in R&D activities agile planning and interdisciplinary team collaboration; support knowledge sharing hiring and onboarding.
• Other duties as assigned.

Travelling Requirement: Travel to other Sonova group-companies may be needed up to twice per year.

More about you:

Education

• Bachelors degree in engineering or equivalent work experience

Nice to Have

• Masters degree in engineering

Further Education

• Further education and specialization in cybersecurity

Nice to Have

• Professional security certifications

Work Experience

• At least 5 years of practical experience in the following areas:
  • Software engineering
  • Software Development Life
  • Cycle (SDLC)
  • System design / architecture
  • Project management
• With a minimum of 3 years in cyber security related roles

Nice to Have

• Data privacy
• CI/CD DevSecOps
• Experience in regulated industry preferably medical devices
• Class II/II/III medical device experience
• Data privacy experience

Professional Competencies

• Ability to explain complex
• security topics to people without security background
• Ability to effectively integrate
• information from varied disciplines including multiple engineering disciplines marketing and regulatory affairs
• Threat modelling security
• assessments security verification security engineering
• Demonstrated competencies in
• current cybersecurity tools and technologies
• Experience with vulnerability identification and management
• Demonstrated knowledge of
• common attacker methodologies and/or threat modelling tools
• Comfort with technical and business issues/requirements
• sound business understanding.
• Strategic ability and aptitude.
• Stay up-to-date on the current
• Cyber Security trends best practices technologies regulatory requirements and risks
• Knowledge of OWASP-10 and
• SANS CWE-25

Nice to Have

• Secure SDLC practices
• CI/CD
• Cryptography
• Authentication and
• authorization protocols and methods such as OAuth2 and WebAuthn
• application security
• Vulnerability management
• Security audit
• Security-relevant
• communication to external stakeholders
• Security and privacy frameworks and standards
• Relevant regulations (e.g.
• GDPR MDR FDA HIPAA..)
• AI
• Practical experience with
• Programming languages
• such as C C C# Java Swift Kotlin TypeScript Rust
• Scripting languages such as:
• Python PowerShell bash
• Software frameworks and
• services such Core Angular Azure
• Communication protocols
• and security protocols such
• as Bluetooth (Classic LE) WLAN TLS
• Strong process/project management capabilities. -
• Practical experience with smart device PC and embedded software code.
• Familiarity with
• vulnerabilities of common
• wireless protocols such as RF Bluetooth and Wi-Fi.
• Experience with penetration and fuzz testing

Language(s)/ Level

• English/ Fluent

Nice to Have

• German/ Basic

IT Skills:

• Good working knowledge of Windows MS Office Linux Mac OS

Nice to Have

• Confluence MS Teams Polarion Jira

A minimum of 200Mb/sec download and 10Mb/sec upload speed internet connectivity is required to support any remote/hybrid employee functionality at Sonova

Dont meet all the criteria If youre willing to go allin and learn wed love to hear from you!

What we offer:

• Medical dental and vision coverage*
• Health Savings Health Reimbursement Flexible Spending/Dependent Care Accounts
• TeleHealth options
• 401k plan with company match*
• Company paid life/ad&d insurance
  • Additional supplemental life/ad&d coverage available
• Company paid Short/Long-Term Disability coverage (STD/LTD)
  • STD LTD Buy-ups available
• Accident/Hospital Indemnity coverage
• Legal/ID Theft Assistance
• PTO (or sick and vacation time) floating Diversity Day & paid holidays*
• Paid parental bonding leave
• Employee Assistance Program (24/7 mental health support hotline 5 company paid counseling sessions and more)
• Robust Internal Career Growth opportunities
• Tuition reimbursement
• Hearing aid discount for employees and family
• Internal social recognition platform
• D&I focused: D&I council and employee resource groups

*Plan rules/offerings dependent upon group Company/location.

This roles pay range is between $82400/yr - $123600/yr (may vary based on location). This role is also eligible for bonus.

How we work:

At Sonova we prioritize the well-being of our employees and foster an inclusive environment that promotes engagement and collaboration. Our team-customized hybrid work model empowers teams to balance individual needs with business goals offering flexibility and individualized time management. We recognize the importance of life outside of work and strive to create a supportive and motivating workplace where innovation thrives.