Staefa, Switzerland
Product Cybersecurity Manager
As a Product Cybersecurity Manager, you will play a key role in ensuring cybersecurity is embedded into the development of Sonova's connected hearing solutions—from embedded software and mobile applications to cloud-based services.
Working closely with software engineers, product teams, architects, quality, and regulatory experts, you'll help integrate security into every stage of the product development lifecycle. Rather than focusing on operational security, you'll enable engineering teams to build secure products by design, balancing innovation, usability, compliance, and customer trust.
If you have a strong software engineering background and have expanded your expertise into product cybersecurity, this is an opportunity to shape technologies that improve the lives of millions of people worldwide.
More about the role
- Integrate cybersecurity throughout the Secure Software Development Lifecycle (Secure SDLC) for connected medical devices, embedded software, mobile applications, and cloud services.
- Lead threat modeling activities, cybersecurity risk assessments, and mitigation planning together with global R&D teams.
- Partner with software engineering teams to embed security into development workflows, DevSecOps practices, and CI/CD pipelines.
- Coordinate product vulnerability management activities, including assessment, prioritization, remediation tracking, and post-market monitoring.
- Support regulatory submissions and quality processes by preparing cybersecurity documentation and evidence.
- Advise engineering, product management, quality, and regulatory teams on practical, risk-based cybersecurity decisions.
- Promote a security-first mindset by coaching teams, supporting security champions, and driving continuous improvement across R&D.
More about you
Essential
- Bachelor's or Master's degree in Computer Science, Software Engineering, Engineering, or a related technical discipline (or equivalent practical experience).
- 5+ years of experience in software engineering, software architecture, product development, Secure SDLC, or a comparable software development environment.
- At least 3 years of hands-on experience in product cybersecurity or application security.
- Strong understanding of Secure Software Development Lifecycle (Secure SDLC) and how cybersecurity integrates into modern software development.
- Experience working closely with software development teams throughout the product lifecycle.
- Excellent communication skills with the ability to explain complex security topics to both technical and non-technical stakeholders.
- Professional working proficiency in English.
Nice to have
- Experience developing software for medical devices or other regulated industries.
- Experience with DevSecOps and security integration into CI/CD pipelines.
- Knowledge of cybersecurity standards and regulations such as IEC 81001-5-1, IEC 62304, ISO 14971, MDR, FDA, GDPR, CRA or similar frameworks.
- Security certifications such as CISSP, CSSLP, GIAC, or equivalent.
- Experience with cloud security, cryptography, authentication technologies, or software supply chain security.
- Familiarity with Privacy by Design principles, AI agent security, and AI-supported development environments.
More about what we offer
As one of the world's leading hearing care providers headquartered in Switzerland, we're committed to building an inclusive culture where innovation, collaboration, and continuous learning thrive.
Joining Sonova means working with highly skilled international teams developing technologies that genuinely improve people's quality of life. We offer a flexible hybrid working model, extensive learning and development opportunities, and clear career paths that support both your professional and personal growth.
Here, you'll have the opportunity to shape secure, connected healthcare technologies while working in an environment where your ideas are valued and your impact is visible.