You will work at the intersection of R&D, product management, quality, and regulatory, driving cybersecurity governance, lifecycle execution, and post‑market vigilance. This is a high‑impact role for someone who thrives in complex technical environments, communicates confidently across levels, and enjoys enabling teams to build secure, innovative products that improve lives.
Responsibilities
Lead Product Cybersecurity Governance — Execute the global cybersecurity strategy, embed standards and controls across R&D, and ensure consistent adoption of secure‑by‑design practices.
Drive Secure Product Development — Integrate cybersecurity into the full lifecycle using frameworks such as SPDF, IEC 62304, ISO 14971, and IEC 81001‑5‑1; define and validate security and privacy requirements.
Facilitate Threat Modeling & Risk Assessments — Lead global teams through structured analysis, mitigation planning, and traceability to controls; elevate material risks when needed.
Oversee Vulnerability & Post‑Market Security Operations — Monitor signals, coordinate triage, ensure timely remediation, and support incident response readiness.
Coordinate Cybersecurity Evidence & Compliance — Prepare audit‑ready documentation, support regulatory submissions, and ensure alignment with global cybersecurity and privacy regulations.
Manage Security Testing & Supplier Assurance — Plan internal/external testing, analyze findings, drive remediation, and assess third‑party and open‑source cybersecurity risks.
Enable DevSecOps & Secure Tooling — Support integration of automated security checks, SAST/DAST, and other tooling into CI/CD pipelines.
Build Cybersecurity Capability Across Teams — Coach R&D and product teams, strengthen security awareness, and cultivate a network of security champions.
Provide Cross‑Functional Leadership — Advise on risk‑based decisions, influence stakeholders, and contribute to agile development processes and team rituals.
Support R&D Excellence — Participate in planning and refinement, contribute to onboarding, and share knowledge across communities of practice.
More About You
Bachelor’s or Master’s degree in engineering or equivalent experience.
5+ years of hands‑on experience in software engineering, secure SDLC, system/software architecture, DevSecOps, or technical project management, with at least 3+ years dedicated to cybersecurity in product or platform experience in regulated industries (medical devices preferred).
Strong communication skills; able to translate complex security topics for diverse audiences.
Hands‑on experience with threat modeling, security testing, vulnerability management, and secure coding.
Familiarity with Bluetooth/WLAN/TLS, scripting/programming languages, and modern development workflows.
Knowledge of security frameworks (NIST CSF, ISO 27001, MITRE), privacy regulations (GDPR, HIPAA), and medical device regulations (MDR, FDA).
Proficiency with Windows, Linux, macOS, and collaboration tools such as Confluence, Jira, Polarion, and MS Teams.
Basic understanding of AI technologies and associated risks; experience with agentic AI systems is a plus.
Certifications (ISC2, GIAC) are advantageous.
English fluency required; German basics a plus.
Don't meet all the criteria? If you’re willing to go all in and learn, we'd love to hear from you!
What We Offer
Exciting and challenging work environment
Collaborative culture
Opportunities for continuous self‑improvement
Opportunities for flexible hybrid model work environment
A company that values diversity and inclusion
Rich benefits plan including wellness benefit, paramedical (massage therapist, naturopath), and competitive compensation including variable component and employer match on pension contributions
Mentorship program and career development plans
This role's pay range is $91,000 – $114,000. This role is also bonus eligible.
Sonova Canada is now a certified Great Place to Work (May 2024 - May 2025).
How We Work
At Sonova, we prioritize the well‑being of our employees and foster an inclusive environment that promotes engagement and collaboration. Our team‑customized hybrid work model empowers teams to balance individual needs with business goals, offering flexibility and individualized time management. We recognize the importance of life outside of work and strive to create a supportive and motivating workplace where innovation thrives.