Principal Engineer, Cybersecurity

4 days ago


Santa Clarita, United States Sonova USA, Inc. Full time


Who we are

You enjoy creating and innovating. You never stop striving for better. You take responsibility and you get results. You love being part of a team. Above all, you want your work to matter: Welcome to our world! At Sonova we create sense by bringing sound to life. Our innovative hearing care solutions help millions of people enjoy life's unforgettable moments.


We offer exceptional career opportunities through market-leading brands from consumer to medical, products and services that keep pushing hearing care forward, and a culture where you can quickly belong and perform at your best.


If you want the freedom to explore, opportunities to grow, and the chance to make a positive change in people's lives through your work, this is the place for you.


Join Sonova. Create sense.




Valencia (CA), United States



Principal Engineer, Cybersecurity

155929

Who we are


In a life without sound, our work provides meaning. As a leading provider of innovative hearing care solutions, we are not just a company that makes products: we are a team on a mission to help people enjoy the delight of hearing. To enable a life without limitations, through our core business brands - Advanced Bionics, Audiological Care, Phonak, Sennheiser (under license) and Unitron - we develop, manufacture and distribute solutions that push the limits of technology and redefine the future of our industry.



Principal Engineer, Product Cyber Security Systems (Hybrid OR Remote)



The Principal Engineer, Product Cyber Security performs complex work in research, design and development of new or existing Software products, tools and processes required for the operation, maintenance and testing of products.


Cyber Security of the Advanced Bionics products and services has been recognized as very important for our customers and for Advanced Bionics' business success.



Responsibilities:


The Principal Engineer, Product Cyber Security is a highly technical position serving as the SME for product cybersecurity risk assessments (threat modeling, asset tracking, vulnerability/defect identification and management, impact assessment, risk control measure development, security test planning) for proprietary hardware, embedded software, smart device applications and PC software.



  • Collaborate with and contribute to the Sonova Global Product Cyber Security Center of Expertise (CoE).
  • Implement the Advanced Bionics Product Cyber Security strategy and roadmap, and build the necessary capabilities to execute projects.
  • Continuously monitor and manage Product cyber risks to ensure confidentiality, integrity, and resilience of Sonova products and services, maintaining customer trust and regulatory compliance.
  • Report on the effectiveness of security controls.
  • Ensure the secure design, development, and maintenance of products, platforms, and services.
  • Lead and mentor Advanced Bionics product development, quality, and maintenance teams in cyber security and secure product development lifecycle practices.
  • Contribute to the development and implementation of Sonova's cross-divisional product cyber security strategy and ensure its adoption by Advanced Bionics.
  • Monitor threats and regulatory landscapes, conducting gap assessments against standards and frameworks.
  • Identify security requirements for business processes and products.
  • Define, implement, and maintain global and Advanced Bionics-specific product security policies, standards, controls, and processes.
  • Provide guidance on secure design, development, and maintenance of products, software applications, platforms, and services.
  • Conduct threat modeling and cyber risk assessments.
  • Define and execute security verification and validation tasks, such as design and code reviews, static and dynamic code analysis, vulnerability scanning, and penetration testing.
  • Perform and support vulnerability management for products and services.
  • Support the creation of security documentation and required quality management deliverables.
  • Drive and contribute to the automation of security practices (DevSecOps).
  • Measure and report on the effectiveness of security controls using meaningful KPIs.
  • Act as an ambassador for information security and cyber risk, promoting awareness and a secure culture within the organization.
  • Provide guidance on product cyber security topics and risks to relevant stakeholders.
  • Support cyber security incident management, response, and customer complaint processes. Participate in tabletop exercises.
  • Initiate periodic Product Security Health Checks/Risk Assessments and manage mitigation measures.
  • Drive continuous improvement in your area of responsibility.
  • Support security reviews and internal and external audits.
  • Communicate and report product security risk status to senior and product management.
  • Build and maintain relationships with internal stakeholders and external partners.
  • Support communication with external stakeholders, including customers, authorities, and other third parties related to product security.
  • Stay updated on current Cyber Security trends, best practices, technologies, regulatory requirements, and risks.
  • Work with the Director of Product Cyber Security Center of Expertise to set strategic direction and planning for product security risk for Advanced Bionics and Sonova globally.
  • Other duties and responsibilities as assigned by your manager.


General R&D Tasks:



  • Adhere to Advanced Bionics standard operating procedures as per training requirements.
  • Contribute to R&D development processes, including planning, reviewing, and refining product increments.
  • Participate in interdisciplinary agile development teams and their rituals.
  • Support hiring and onboarding processes for new hires.
  • Share and learn R&D knowledge within communities.


Reporting:



  • Functionally reports to the Senior Manager of Design Assurance.
  • Other duties as assigned.


Travelling Requirement: Up to 20%



More about you:


Education


Higher level engineering degree:



  • Bachelor's with 10+ Years Relevant Experience
  • Master's with 8+ Years Relevant Experience


Further Education



  • Further education and specialization in cybersecurity


Work Experience



  • 10+ years of practical experience in the following areas:
  • Software engineering
  • Software Development Life Cycle (SDLC)
  • System design / architecture
  • Project management
  • 5+ years in cyber security related roles; various technology methodologies that support that lifecycle


Personal Competencies



  • Pragmatic
  • Excellent written English communication skills.
  • Excellent analytical and problem-solving skills.
  • Logical thinking in high-pressure situations.
  • Meticulous attention to detail


Social Competencies



  • Communicate convincingly to all levels of staff and management, with the ability to communicate technical concepts in business terms to various audiences
  • Team player
  • Able to work in a distributed, diverse collaboration environment
  • Ability to establish and foster cooperative relationships and networking across teams
  • Ability to manage multiple simultaneous conflicting tasks and demands


Leadership Competencies



  • Expert in Leading Self
  • Expert in Leading Systems
  • Ability to Influence without authority


Professional Competencies



  • Communicate Complex Security Concepts: Ability to explain complex security topics to those without a security background.
  • Cross-Disciplinary Integration: Effectively integrate information from various disciplines, including engineering, marketing, and regulatory affairs.
  • Security Expertise: Proficient in threat modeling, security assessments, security verification, and security engineering.
  • Cybersecurity Tools and Technologies: Demonstrated experience with current cybersecurity tools, vulnerability identification, and management.
  • Understanding Attacker Methodologies: Knowledge of common attacker strategies and threat modeling tools.
  • Business and Technical Acumen: Comfortable navigating both technical and business issues, with a strong understanding of business needs.
  • Strategic Thinking: Ability to think strategically and adapt to changing circumstances.
  • Stay Informed: Continuously update knowledge on current cybersecurity trends, best practices, technologies, regulatory requirements, and risks.
  • Familiarity with Security Standards: Knowledge of OWASP Top 10 and SANS CWE-25.

Nice to Have



  • Secure SDLC Practices: Expertise in secure software development lifecycle practices.
  • CI/CD: Knowledge of continuous integration and continuous delivery processes.
  • Cryptography: Proficiency in cryptographic methods.
  • Authentication & Authorization: Familiarity with protocols such as OAuth2 and WebAuthn.
  • Application Security: Experience in securing applications.
  • Vulnerability Management: Skilled in identifying and managing vulnerabilities.
  • Security Audits: Ability to conduct security audits.
  • External Communication: Capable of communicating security-related information to external stakeholders.
  • Security & Privacy Standards: Knowledge of security and privacy frameworks and standards.
  • Regulatory Compliance: Understanding of relevant regulations such as GDPR, MDR, FDA, and HIPAA.
  • AI: Experience with artificial intelligence applications.

Practical Experience With:



  • Programming Languages: Proficient in C, C++, C#, Java, Swift, Kotlin, TypeScript, and Rust.
  • Scripting Languages: Skilled in Python, PowerShell, and bash.
  • Software Frameworks & Services: Experience with .NET Framework, .NET Core, Angular, and Azure.
  • Communication Protocols: Knowledge of Bluetooth (Classic, LE), WLAN, and TLS, with an understanding of their security protocols.
  • Process/Project Management: Strong capabilities in managing processes and projects.
  • Software Development: Hands-on experience with smart device, PC, and embedded software code.
  • Wireless Protocol Vulnerabilities: Familiarity with common wireless protocol vulnerabilities, including RF, Bluetooth, and Wi-Fi.
  • Penetration & Fuzz Testing: Experience with penetration and fuzz testing.


Language(s)/ Level



  • English/ Fluent

Nice to Have



  • German


IT Skills



  • Good working knowledge of Windows, MS Office, Linux, Mac OS, iOS and Android.

Nice to Have



  • Confluence, MS Teams, Polarion, Jira


A minimum of 200Mb/sec download and 10Mb/sec upload speed internet connectivity is required to support any remote/hybrid employee functionality at Sonova.


Don't meet all the criteria? If you're willing to go all in and learn, we'd love to hear from you.



What we offer:



  • Medical, dental and vision coverage*
  • Health Savings, Health Reimbursement, Flexible Spending/Dependent Care Accounts
  • TeleHealth options
  • 401k plan with company match*
  • Company paid life/AD&D insurance

    • Additional supplemental life/AD&D coverage available


  • Company paid Short/Long-Term Disability coverage (STD/LTD)

    • STD/LTD buy-ups available


  • Accident/Hospital Indemnity coverage
  • Legal/ID Theft Assistance
  • PTO (or sick and vacation time), floating Diversity Day, & paid holidays*
  • Paid parental bonding leave
  • Employee Assistance Program (24/7 mental health support hotline, 5 company paid counseling sessions and more)
  • Robust Internal Career Growth opportunities
  • Tuition reimbursement
  • Hearing aid discount for employees and family
  • Internal social recognition platform
  • D&I focused: D&I council and employee resource groups

*Plan rules/offerings dependent upon group Company/location.


This role's pay range is between: $120,000/yr - $180,000/yr (based on location). This role is also bonus eligible.



How we work:


At Sonova, we prioritize the well-being of our employees and foster an inclusive environment that promotes engagement and collaboration. Our team-customized hybrid work model empowers teams to balance individual needs with business goals, offering flexibility and individualized time management. We recognize the importance of life outside of work and strive to create a supportive and motivating workplace where innovation thrives.



Sonova is an equal opportunity employer

We team up. We grow talent. We collaborate with people of diverse backgrounds to win with the best team in the marketplace. We guarantee every person equal treatment in regard to employment and opportunity for employment, regardless of a candidate's ethnic or national origin, religion, sexual orientation or marital status, gender, genetic identity, age, disability or any other legally protected status.


