Sonova AG
Director Customer Support(m/w/x)
Full-timeOn-siteSenior
Stäfa
New Job?Nejo!
Your personal AI career agent
SOSonova AG
Director, Product Cybersecurity(m/w/x)
Stäfa
Full-timeOn-siteSenior
Nejo AI Summary
Defining global product cybersecurity strategy for hearing care solutions, including audits and incident response. 8+ years in product/embedded security, ideally in regulated medical devices, required. Focus on secure development lifecycle frameworks and compliance with FDA, ISO 13485, ISO 14971, IEC 62304.
Requirements
- Bachelor's or Master's degree in Computer Science, Electrical Engineering, Biomedical Engineering, or related field
- Specialization in cybersecurity preferred
- 8+ years of experience in product, embedded, or application security, ideally in medical devices or other regulated / safety-critical industries
- Strong experience in regulated environments (FDA, ISO 13485, ISO 14971, IEC 62304)
- Proven track record implementing secure development lifecycle frameworks (SDLC / SPDF)
- Deep expertise in embedded and firmware security
- Deep expertise in cryptography, authentication, and key management
- Deep expertise in secure communications, APIs, and cloud/mobile architectures
- Experience with security testing methods (SAST, DAST, penetration testing)
- Strong experience leading cross-functional, global initiatives
- Experience in hearing healthcare or implantable medical technologies
- Familiarity with SBOM, MDS2, and healthcare cybersecurity requirements
- Knowledge of frameworks (NIST CSF, ISO/IEC 27001, MITRE)
- Experience in incident response within healthcare or critical infrastructure
- Strong communication skills, translating complex topics into clear, business-relevant messaging
- Pragmatic, outcome-oriented mindset with strong risk-based decision-making
- Proven ability to influence across a matrix organization without formal authority
- Experience leading globally distributed teams
- Expertise in cybersecurity and privacy-by-design across product lifecycle
- Strong knowledge of relevant regulations and industry standards
- Ability to define governance, processes, and risk management frameworks
- Strategic mindset to integrate cybersecurity into product and technology roadmaps
- Fluent English (written and spoken)
- Additional languages (e.g., German) are a plus
- Familiarity with collaboration tools (Jira, Confluence)
Tasks
- Define and lead global product cybersecurity strategy
- Establish and enforce security principles and controls
- Act as primary cybersecurity contact for audits and regulations
- Drive cybersecurity roadmaps aligned with business needs
- Lead incident response readiness and health checks
- Embed cybersecurity into Secure Product Development Framework
- Ensure compliance with relevant standards
- Lead threat modeling and secure design practices
- Define security requirements for various systems
- Own product cybersecurity risk across R&D
- Oversee vulnerability management and coordinated disclosure
- Lead security risk reviews and report metrics
- Ensure effective post-market surveillance for cybersecurity
- Own cybersecurity deliverables for regulatory submissions
- Partner with Quality and Regulatory teams for compliance
- Define cybersecurity requirements for suppliers and partners
- Lead and develop a global product cybersecurity team
- Advise engineering and product leadership on risk-based decisions
- Drive cybersecurity awareness and capability
- Build external partnerships with industry bodies and regulators
Work Experience
- 8 years
Education
- Vocational certificationOR
- Bachelor's degreeOR
- Master's degree
Languages
- English – Native
- German – Basic
Tools & Technologies
- Jira
- Confluence
- NIST CSF
- ISO/IEC 27001
- MITRE
- SAST
- DAST
- penetration testing
- SDLC
- SPDF
- IEC 62304
- ISO 14971
- ISO 13485
Find the original job posting in its most current version here. Nejo automatically captured this job from the website of Sonova AG and processed the information on Nejo with the help of AI for you. Despite careful analysis, some information may be incomplete or inaccurate. Please always verify all details in the original posting! Content and copyrights of the original posting belong to the advertising company.
Like this job?
BetaYour Career Agent finds similar jobs for you every day.
Not a perfect match?
- HUBER+SUHNER
Global Product Compliance Manager(m/w/x)
Full-timeOn-siteSeniorHerisau, Pfäffikon SZ - NL3M Philips International BV
Patient Safety and Quality Leader DACH(m/w/x)
Full-timeOn-siteManagementHorgen - Octapharma
Scientific Director(m/w/x)
Full-timeOn-siteManagementLachen - Tecan Trading AG
Senior Embedded Software Engineer(m/w/x)
Full-timeOn-siteSeniorMännedorf
SOSonova AG
Director, Product Cybersecurity(m/w/x)
Stäfa
Full-timeOn-siteSenior
Nejo AI Summary
Defining global product cybersecurity strategy for hearing care solutions, including audits and incident response. 8+ years in product/embedded security, ideally in regulated medical devices, required. Focus on secure development lifecycle frameworks and compliance with FDA, ISO 13485, ISO 14971, IEC 62304.
Requirements
- Bachelor's or Master's degree in Computer Science, Electrical Engineering, Biomedical Engineering, or related field
- Specialization in cybersecurity preferred
- 8+ years of experience in product, embedded, or application security, ideally in medical devices or other regulated / safety-critical industries
- Strong experience in regulated environments (FDA, ISO 13485, ISO 14971, IEC 62304)
- Proven track record implementing secure development lifecycle frameworks (SDLC / SPDF)
- Deep expertise in embedded and firmware security
- Deep expertise in cryptography, authentication, and key management
- Deep expertise in secure communications, APIs, and cloud/mobile architectures
- Experience with security testing methods (SAST, DAST, penetration testing)
- Strong experience leading cross-functional, global initiatives
- Experience in hearing healthcare or implantable medical technologies
- Familiarity with SBOM, MDS2, and healthcare cybersecurity requirements
- Knowledge of frameworks (NIST CSF, ISO/IEC 27001, MITRE)
- Experience in incident response within healthcare or critical infrastructure
- Strong communication skills, translating complex topics into clear, business-relevant messaging
- Pragmatic, outcome-oriented mindset with strong risk-based decision-making
- Proven ability to influence across a matrix organization without formal authority
- Experience leading globally distributed teams
- Expertise in cybersecurity and privacy-by-design across product lifecycle
- Strong knowledge of relevant regulations and industry standards
- Ability to define governance, processes, and risk management frameworks
- Strategic mindset to integrate cybersecurity into product and technology roadmaps
- Fluent English (written and spoken)
- Additional languages (e.g., German) are a plus
- Familiarity with collaboration tools (Jira, Confluence)
Tasks
- Define and lead global product cybersecurity strategy
- Establish and enforce security principles and controls
- Act as primary cybersecurity contact for audits and regulations
- Drive cybersecurity roadmaps aligned with business needs
- Lead incident response readiness and health checks
- Embed cybersecurity into Secure Product Development Framework
- Ensure compliance with relevant standards
- Lead threat modeling and secure design practices
- Define security requirements for various systems
- Own product cybersecurity risk across R&D
- Oversee vulnerability management and coordinated disclosure
- Lead security risk reviews and report metrics
- Ensure effective post-market surveillance for cybersecurity
- Own cybersecurity deliverables for regulatory submissions
- Partner with Quality and Regulatory teams for compliance
- Define cybersecurity requirements for suppliers and partners
- Lead and develop a global product cybersecurity team
- Advise engineering and product leadership on risk-based decisions
- Drive cybersecurity awareness and capability
- Build external partnerships with industry bodies and regulators
Work Experience
- 8 years
Education
- Vocational certificationOR
- Bachelor's degreeOR
- Master's degree
Languages
- English – Native
- German – Basic
Tools & Technologies
- Jira
- Confluence
- NIST CSF
- ISO/IEC 27001
- MITRE
- SAST
- DAST
- penetration testing
- SDLC
- SPDF
- IEC 62304
- ISO 14971
- ISO 13485
Find the original job posting in its most current version here. Nejo automatically captured this job from the website of Sonova AG and processed the information on Nejo with the help of AI for you. Despite careful analysis, some information may be incomplete or inaccurate. Please always verify all details in the original posting! Content and copyrights of the original posting belong to the advertising company.
Like this job?
BetaYour Career Agent finds similar jobs for you every day.
About the Company
Sonova AG
Industry
Healthcare
Description
The company builds systems to render speech clear and free of noise using deep learning technology, empowering people with hearing loss.
Not a perfect match?
- Sonova AG
Director Customer Support(m/w/x)
Full-timeOn-siteSeniorStäfa - HUBER+SUHNER
Global Product Compliance Manager(m/w/x)
Full-timeOn-siteSeniorHerisau, Pfäffikon SZ - NL3M Philips International BV
Patient Safety and Quality Leader DACH(m/w/x)
Full-timeOn-siteManagementHorgen - Octapharma
Scientific Director(m/w/x)
Full-timeOn-siteManagementLachen - Tecan Trading AG
Senior Embedded Software Engineer(m/w/x)
Full-timeOn-siteSeniorMännedorf