Who we are

At Sonova, we envision a world where everyone can enjoy the delight of hearing. This vision inspires us and fuels our commitment to developing innovative solutions that improve hearing health and human connection - from personal audio devices and wireless communication systems to hearing aids and cochlear implants. We're dedicated to providing outstanding customer experiences through our global audiological care services, ensuring that everyone has the opportunity to engage fully with the world around them.

Guided by a culture of continuous improvement that fosters resilience and self-motivation, our team is united by a shared commitment to excellence and a deep sense of pride in our work, each of us playing a vital role in creating meaningful change,

Here you’ll find a diverse range of opportunities that span both consumer and medical solutions and the freedom to shape your career while making an impact on the lives of others. Join us in our mission to create a more connected world, where every voice is heard and every story matters.

Kitchener (ON), Canada

Product Cybersecurity Manager

Sonova is seeking a Product Cybersecurity Manager to strengthen the security, resilience, and trustworthiness of our connected medical devices including hearing instruments, cochlear implants, embedded platforms, mobile apps, and cloud services. In this role, you will champion secure‑by‑design practices across the full product lifecycle and ensure our products remain safe, compliant, and protected against evolving cyber threats.
You will work at the intersection of R&D, product management, quality, and regulatory, driving cybersecurity governance, lifecycle execution, and post‑market vigilance. This is a high‑impact role for someone who thrives in complex technical environments, communicates confidently across levels, and enjoys enabling teams to build secure, innovative products that improve lives.

Responsibilities:

• Lead Product Cybersecurity Governance — Execute the global cybersecurity strategy, embed standards and controls across R&D, and ensure consistent adoption of secure‑by‑design practices.
• Drive Secure Product Development — Integrate cybersecurity into the full lifecycle using frameworks such as SPDF, IEC 62304, ISO 14971, and IEC 81001‑5‑1; define and validate security and privacy requirements.
• Facilitate Threat Modeling & Risk Assessments — Lead global teams through structured analysis, mitigation planning, and traceability to controls; escalate material risks when needed.
• Oversee Vulnerability & Post‑Market Security Operations — Monitor signals, coordinate triage, ensure timely remediation, and support incident response readiness.
• Coordinate Cybersecurity Evidence & Compliance — Prepare audit ready documentation, support regulatory submissions, and ensure alignment with global cybersecurity and privacy regulations.
• Manage Security Testing & Supplier Assurance — Plan internal/external testing, analyze findings, drive remediation, and assess third‑party and open‑source cybersecurity risks.
• Enable DevSecOps & Secure Tooling — Support integration of automated security checks, SAST/DAST, and other tooling into CI/CD pipelines.
• Build Cybersecurity Capability Across Teams — Coach R&D and product teams, strengthen security awareness, and cultivate a network of security champions.
• Provide Cross‑Functional Leadership — Advise on risk
• based decisions, influence stakeholders, and contribute to agile development processes and team rituals.
• Support R&D Excellence — Participate in planning and refinement, contribute to onboarding, and share knowledge across communities of practice.

More about you:

• Bachelor’s or Master’s degree in engineering or equivalent experience

• 5+ years of hands‑on experience in software engineering, secure SDLC, system/software architecture, DevSecOps, or technical project management, with at least 3+ years dedicated to cybersecurity in product or platform contexts.Experience in regulated industries (medical devices preferred)

• Strong communication skills; able to translate complex security topics for diverse audiences

• Hands‑on experience with threat modeling, security testing, vulnerability management, and secure coding

• Familiarity with Bluetooth/WLAN/TLS, scripting/programming languages, and modern development workflows

• Knowledge of security frameworks (NIST CSF, ISO 27001, MITRE), privacy regulations (GDPR, HIPAA), and medical device regulations (MDR, FDA)

• Proficiency with Windows, Linux, macOS, and collaboration tools such as Confluence, Jira, Polarion, and MS Teams.

• Basic understanding of AI technologies and associated risks; experience with agentic AI systems is a plus

• Certifications (ISC2, GIAC) are advantageous

• English fluency required; German basics a plus

Don't meet all the criteria? If you’re willing to go all in and learn we'd love to hear from you!

We are looking forward to receiving your application via our online job application platform. For this position only direct applications will be considered. Sonova does not recruit via app, telegram, carrier pigeon or any other format that does not include speaking with an actual human. If you are offered a job without speaking with someone please contact mailto:wholesale.HR@sonova.com

What we offer:

• Exciting and challenging work environment

• Collaborative culture

• Opportunities for continuous self-improvement

• Opportunities for flexible hybrid model work environment

• A company that values diversity and inclusion

• Rich benefits plan including wellness benefit, paramedical (massage therapist, naturopath, etc.) and competitive compensation including variable component and employer match on pension contributions

• Mentorship program and career development plans

This role's pay range is between: $91,000 - $114,000. This role is also bonus eligible.

Sonova Canada is now a certified Great Place to Work® May 2024- May 2025

How we work:
At Sonova, we prioritize the well-being of our employees and foster an inclusive environment that promotes engagement and collaboration. Our team-customized hybrid work model empowers teams to balance individual needs with business goals, offering flexibility and individualized time management. We recognize the importance of life outside of work and strive to create a supportive and motivating workplace where innovation thrives.

Sonova is an equal opportunity employer.

We team up. We grow talent. We collaborate with people of diverse backgrounds to win with the best team in the market place. We guarantee every person equal treatment in regard to employment and opportunity for employment, regardless of a candidate’s ethnic or national origin, religion, sexual orientation or marital status, gender, genetic identity, age, disability or any other legally protected status.

163482