Who we are
You enjoy creating and innovating. You never stop striving for better. You take responsibility and you get results. You love being part of a team. Above all, you want your work to matter: Welcome to our world! At Sonova we create sense by bringing sound to life. Our innovative hearing care solutions help millions of people enjoy life's unforgettable moments. We offer exceptional career opportunities through market-leading brands from consumer to medical, products and services that keep pushing hearing care forward, and a culture where you can quickly belong and perform at your best. If you want the freedom to explore, opportunities to grow, and make positive change on people lives through your work, this is the place for you. Join Sonova. Create sense.
Valencia (CA), United States
Senior Engineer, Product Cybersecurity Systems
Who we are In a life without sound, our work provides meaning. As a leading provider of innovative hearing care solutions, we are not just a company that makes products: we are a team on a mission to help people enjoy the delight of hearing. To enable a life without limitations, through our core business brands - Advanced Bionics, Audiological Care, Phonak, Sennheiser (under license) and Unitron - we develop, manufacture and distribute solutions that push the limits of technology and redefine the future of our industry. Valencia, CA - Hybrid Senior Engineer, Product Cyber Security Systems The Senior Product Cyber Security Systems Engineer role focuses on supporting the cyber security efforts for products and end-consumer services brought to the market by Advanced Bionics. In collaboration with Sonova's Product Cyber Security Center of Expertise, this position helps maintain robust product security practices, ensuring that products are protected against cyber security threats and compliant with regulatory requirements. Responsibilities:
- Collaborate with product development, quality, and maintenance teams to integrate cyber security into the secure product development lifecycle.
- Support the implementation of Sonova's cross-divisional product cyber security strategy, roadmap, and security capabilities.
- Monitor cyber threats, regulatory changes, and industry trends; conduct security assessments and ensure compliance with relevant standards.
- Define and maintain product security policies, requirements, standards, and processes to mitigate risks and ensure confidentiality, integrity, and availability.
- Perform security verification activities, including design/code reviews, vulnerability scanning, and penetration testing, and manage vulnerability remediation.
- Contribute to DevSecOps automation and maintain security documentation, KPIs, and quality deliverables.
- Support incident response, investigations, and security awareness initiatives across the organization.
- Collaborate with internal teams, external partners, and customers on product security matters.
- Participate in R&D activities, agile planning, and interdisciplinary team collaboration; support knowledge sharing, hiring, and onboarding.
- Other duties as assigned.
Travelling Requirement: Travel to other Sonova group-companies may be needed up to twice per year. More about you: Education
- Bachelor's degree in engineering or equivalent work experience
Nice to Have
- Master's degree in engineering
Further Education
- Further education and specialization in cybersecurity
Nice to Have
- Professional security certifications
Work Experience
- At least 5 years of practical experience in the following areas:
- Software engineering
- Software Development Life
- Cycle (SDLC)
- System design / architecture
- Project management
- With a minimum of 3 years in cyber security related roles
Nice to Have
- Data privacy
- CI/CD, DevSecOps
- Experience in regulated industry, preferably medical devices
- Class II/II+/III medical device experience
- Data privacy experience
Professional Competencies
- Ability to explain complex
- security topics to people without security background
- Ability to effectively integrate
- information from varied disciplines including multiple engineering disciplines, marketing and regulatory affairs
- Threat modelling, security
- assessments, security verification, security engineering
- Demonstrated competencies in
- current cybersecurity tools and technologies
- Experience with vulnerability identification and management
- Demonstrated knowledge of
- common attacker methodologies and/or threat modelling tools
- Comfort with technical and business issues/requirements,
- sound business understanding.
- Strategic ability and aptitude.
- Stay up-to-date on the current
- Cyber Security trends, best practices, technologies, regulatory requirements and risks
- Knowledge of OWASP-10 and
- SANS CWE-25
Nice to Have
- Secure SDLC practices
- CI/CD
- Cryptography
- Authentication and
- authorization protocols and methods such as OAuth2 and WebAuthn
- application security
- Vulnerability management
- Security audit
- Security-relevant
- communication to external stakeholders
- Security and privacy frameworks and standards
- Relevant regulations (e.g.
- GDPR, MDR, FDA, HIPAA,..)
- AI
- Practical experience with
- Programming languages
- such as C, C++, C#, Java, Swift, Kotlin, TypeScript, Rust
- Scripting languages such as:
- Python, PowerShell, bash
- Software frameworks and
- services such as .NET Fwk, .Net Core, Angular, Azure
- Communication protocols
- and security protocols such
- as Bluetooth (Classic, LE), WLAN, TLS
- Strong process/project management capabilities. -
- Practical experience with smart device, PC and embedded software code.
- Familiarity with
- vulnerabilities of common
- wireless protocols such as RF, Bluetooth and Wi-Fi.
- Experience with penetration and fuzz testing
Language(s)/ Level
Nice to Have
IT Skills:
- Good working knowledge of Windows, MS Office, Linux, Mac OS
Nice to Have
- Confluence, MS Teams, Polarion, Jira
A minimum of 200Mb/sec download and 10Mb/sec upload speed internet connectivity is required to support any remote/hybrid employee functionality at Sonova Don't meet all the criteria? If you're willing to go allin and learn we'd love to hear from you! What we offer:
- Medical, dental and vision coverage*
- Health Savings, Health Reimbursement, Flexible Spending/Dependent Care Accounts
- TeleHealth options
- 401k plan with company match*
- Company paid life/ad&d insurance
- Additional supplemental life/ad&d coverage available
- Company paid Short/Long-Term Disability coverage (STD/LTD)
- STD LTD Buy-ups available
- Accident/Hospital Indemnity coverage
- Legal/ID Theft Assistance
- PTO (or sick and vacation time), floating Diversity Day, & paid holidays*
- Paid parental bonding leave
- Employee Assistance Program (24/7 mental health support hotline, 5 company paid counseling sessions and more)
- Robust Internal Career Growth opportunities
- Tuition reimbursement
- Hearing aid discount for employees and family
- Internal social recognition platform
- D&I focused: D&I council and employee resource groups
*Plan rules/offerings dependent upon group Company/location. This role's pay range is between $82,400/yr - $123,600/yr (may vary based on location). This role is also eligible for bonus. How we work: At Sonova, we prioritize the well-being of our employees and foster an inclusive environment that promotes engagement and collaboration. Our team-customized hybrid work model empowers teams to balance individual needs with business goals, offering flexibility and individualized time management. We recognize the importance of life outside of work and strive to create a supportive and motivating workplace where innovation thrives.
Sonova is an equal opportunity employer
We team up. We grow talent. We collaborate with people of diverse backgrounds to win with the best team in the market place. We guarantee every person equal treatment in regard to employment and opportunity for employment, regardless of a candidate's ethnic or national origin, religion, sexual orientation or marital status, gender, genetic identity, age, disability or any other legally protected status.
|