Senior Engineer, Cybersecurity

Who we are You enjoy creating and innovating. You never stop striving for better. You take responsibility and you get results. You love being part of a team. Above all, you want your work to matter: Welcome to our world! At Sonova we create sense by bringing sound to life. Our innovative hearing care solutions help millions of people enjoy life’s unforgettable moments. We offer exceptional career opportunities through market-leading brands from consumer to medical, products and services that keep pushing hearing care forward, and a culture where you can quickly belong and perform at your best. If you want the freedom to explore, opportunities to grow, and make positive change on people lives through your work, this is the place for you. Join Sonova. Create sense. Valencia (CA), United States Senior Engineer, Cybersecurity Overview Product Cyber Security Systems Engineer The position covers cyber security for all products and end-consumer services brought to the market by Advanced Bionics as the legal manufacturer. Furthermore, it involves active participation in the development, maintenance, and operation of product cybersecurity capabilities and controls in collaboration with Sonova. This collaborative effort is orchestrated through the Sonova Product Cyber Security Center of Expertise, ensuring a unified, efficient and robust approach to product cyber security. The objective of the Product Cyber Security Systems Engineer is to ensure compliance of Advanced Bionics products and end-consumer services with the minimum standard for cyber security and to ensure that they are appropriately secured and resilient to face Cyber Security threats and protect customer data and trust What you’ll do: Perform SOUP/COTS assessments for new products Maintain cybersecurity SBOMs throughout the product lifecycle Develop and maintain new product threat models and asset and vulnerability lists Assess product cybersecurity risks and maintain security and safety risk documentation throughout the product lifecycle Assist R&D with defining security and privacy verification test plans and protocols Monitor for vulnerabilities in new and released products. Support coordinated vulnerability disclosures and security incident handling. Support product and process cybersecurity audits. Monitor changes in cybersecurity industry standards and guidance. Influence Corporate cybersecurity processes and standards to ensure Advanced Bionics needs are incorporated. Advise, mentor and train team members in security concepts. Other duties as assigned. Travelling Requirement: up to 5% What you bring to the team: Education Bachelor’s Degree in Computer Science Engineering and/or 5 years of equivalent work experience) Nice to Have Masters Degree in Computer Science Engineering Further Education At least one Cybersecurity Certification Nice to Have Multiple Cybersecurity certifications. Work Experience One or more cybersecurity certifications or evidence of training. 5 years in cybersecurity related roles 5 years in engineering / development roles environment. Nice to Have Previous Class 3 Medical device experience Experience in Cybersecurity safety risk assessment process Personal Competencies Excellent written English communication skills Excellent analytical and problem-solving skills Logical thinking in high-pressure situations Meticulous attention to detail Social Competencies Strong teamwork and collaboration skills Excellent interpersonal skills Ability to manage multiple simultaneous conflicting tasks and demands Professional Competencies Demonstrated competencies in current cybersecurity tools and technologies Experience with vulnerability identification and management Demonstrated knowledge of common attacker methodologies and/or threat modeling tools Nice to Have Experience with intrusion prevention and detection systems Security incident investigation and analysis Security policy and procedure development and deployment Able to interpret C/C++/C# or similar programming code Able to interpret common Windows, Android and iOS scripting languages Language(s)/ Level English/ Fluent IT Skills Knowledge of OWASP-10 and SANS CWE-25 Nice to Have Salesforce IT Skills Proficient in MS Office, SAP, programming questionnaire in online tools Nice to Have Practical experience with smart device, PC and embedded software code. Familiarity with vulnerabilities of common wireless protocols such as RF, Bluetooth and Wi-Fi. Experience with penetration and fuzz testing Our offer: Exciting and challenging work environment Comprehensive benefits package Training and development opportunities – we believe every employee deserves a development plan. Come, learn, and grow with us! Don't meet all the criteria? If you’re willing to go all in and learn we'd love to hear from you! We love to work with great people and strongly believe that a diverse team makes us better. We guarantee every person equal treatment in regard to employment and opportunity for employment, regardless of race, color, creed/religion, sex, sexual orientation, marital status, age, mental or physical disability. We thank all applicants in advance; however only individuals selected for an interview will be contacted. All applications will be kept confidential. Sonova is an equal opportunity employer. Applicants who require reasonable accommodation to complete the application and/or interview process should notify the Senior Manager, Human Resources. Pay Ranges: $93,600/yr - $140,400/yr Based on location Health Benefits & Perks: Medical, dental and vision coverage* Health Savings, Health Reimbursement, Flexible Spending/Dependent Care Accounts TeleHealth options 401k plan with company match* Company paid life/ad&d insurance Additional supplemental life/ad&d coverage available Short/Long-Term Disability coverage (STD/LTD) STD LTD Buy-ups available Accident/Hospital Indemnity coverage Legal/ID Theft Assistance PTO & paid holidays* Employee Assistance Program Plan rules/offerings dependent upon group Company/location. Sonova is an equal opportunity employer We team up. We grow talent. We collaborate with people of diverse backgrounds to win with the best team in the market place. We guarantee every person equal treatment in regard to employment and opportunity for employment, regardless of a candidate’s ethnic or national origin, religion, sexual orientation or marital status, gender, genetic identity, age, disability or any other legally protected status.