Support Secure Product Development: Collaborate with product development, quality, and maintenance teams to integrate cyber security into the secure product development lifecycle, including secure design, development, maintenance, and DevSecOps practices.
Cyber Security Strategy & Governance: Assist in developing and implementing Sonova’s cross-divisional product cyber security strategy, roadmap, policies, standards, controls, and processes, ensuring adoption within Advanced Bionics.
Threat & Regulatory Monitoring: Monitor evolving cyber threats, industry trends, and regulatory requirements, conducting assessments against relevant standards and frameworks to maintain an effective security posture.
Security Requirements & Risk Management: Identify security requirements for products and business processes, monitor product cyber risks, and support initiatives to ensure product confidentiality, integrity, and availability.
Security Verification & Vulnerability Management: Conduct and support security verification activities including design and code reviews, vulnerability scanning, penetration testing, and ongoing vulnerability management for products and services.
Security Metrics, Documentation & Incident Response: Maintain required security documentation and quality deliverables, measure effectiveness of security controls through KPIs, and support cyber security incident response and investigations.
Cross-Functional Collaboration & Continuous Improvement: Work with internal teams, external partners, and customers to promote cyber security awareness, support communication on product security matters, contribute to R&D activities in an agile environment, and drive continuous improvement initiatives.

Requirements

Bachelor’s degree (or higher) in engineering or a related field, with further specialization in cybersecurity; professional security certifications preferred.
At least 5 years of experience in software engineering, system design/architecture, SDLC, and project management, including 3+ years in cybersecurity-related roles.
Experience with threat modeling, security assessments, vulnerability management, secure SDLC practices, and familiarity with cybersecurity frameworks, standards, and regulations (e.g., GDPR, MDR, FDA, HIPAA).
Knowledge of application security, cryptography, authentication/authorization protocols (e.g., OAuth2, WebAuthn), OWASP Top 10, SANS CWE-25, CI/CD pipelines, and DevSecOps practices.
Practical experience with programming languages such as C, C++, C#, Java, Swift, Kotlin, TypeScript, Rust, scripting languages such as Python, PowerShell, Bash, and frameworks/platforms including .NET, Angular, and Azure.
Understanding of communication and security protocols such as Bluetooth (Classic/LE), WLAN, TLS, wireless vulnerabilities (RF, Bluetooth, Wi-Fi), and experience with penetration testing, fuzz testing, and embedded or device software environments.
Strong analytical and problem-solving abilities, excellent written communication skills, ability to explain complex security topics to non-technical audiences, work collaboratively across teams, manage competing priorities, and perform effectively under pressure.
A minimum of 200Mb/sec download and 10Mb/sec upload speed internet connectivity is required to support any remote/hybrid employee functionality at Sonova.

Benefits

Medical, dental and vision coverage*
Health Savings, Health Reimbursement, Flexible Spending/Dependent Care Accounts
TeleHealth options
401k plan with company match*
Company paid life/ad&d insurance
Additional supplemental life/ad&d coverage available
Company paid Short/Long-Term Disability coverage (STD/LTD)
STD LTD Buy-ups available
Accident/Hospital Indemnity coverage
Legal/ID Theft Assistance
PTO (or sick and vacation time), floating Diversity Day, & paid holidays*
Paid parental bonding leave
Employee Assistance Program (24/7 mental health support hotline, 5 company paid counseling sessions and more)
Robust Internal Career Growth opportunities
Tuition reimbursement
Hearing aid discount for employees and family
Internal social recognition platform

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecuritysecure SDLCthreat modelingvulnerability managementpenetration testingprogramming languagesapplication securitycryptographyDevSecOpssecurity assessments

Soft Skills

analytical abilitiesproblem-solvingwritten communicationcollaborationtime managementability to explain complex topicsworking under pressurecontinuous improvementcross-functional collaborationcyber security awareness

Certifications

professional security certifications