BristolMyers Squibb

Senior Manager, Emerging Technology Risk

BristolMyers Squibb$143K — $173K *
Pharmaceuticals & Biotech
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Information Security, Computer Science, Risk Management, Data Science, or related field required.
  • 8+ years of experience in GRC, information security, or technology risk, with 2–3 years focused on AI or emerging technologies.
  • Successful track record designing and implementing GRC frameworks for AI or advanced technology in large enterprises.
  • Hands-on experience with AI governance frameworks like NIST AI RMF and EU AI Act compliance.
  • Strong grasp of cloud-based AI deployment architectures, including data residency implications.

Responsibilities

  • Lead the design and improvement of BMS’s AI governance framework with control models for risk management.
  • Evaluate emerging AI technologies against BMS’s risk appetite and regulatory compliance before approval.
  • Conduct assessments aligned with AI regulations and classify high-risk use cases across various domains.
  • Analyze GenAI tools and LLM deployments for privacy and data issues, navigating legal constraints.
  • Collaborate with stakeholders to define controls for AI technologies based on identified risks.
  • Execute control testing programs for AI, documenting results and tracking remediation plans.
  • Work with engineering teams to integrate GRC controls into AI systems and ensure compliance.

Benefits

  • Health coverage including medical, pharmacy, dental, and vision care.
  • Wellbeing support programs such as employee assistance and wellness accounts.
  • Financial well-being options including a 401(k) plan and life insurance.
  • Unlimited flexible paid time off, with national holidays and additional leave options.
  • Global shutdown between Christmas and New Year for all employees.
Full Job Description

Position Summary:

Bristol Myers Squibb is seeking a Senior Manager, Emerging Technology Risk to join our Security & IT Risk organization. This leader will own the governance, risk, and compliance (GRC) strategy for emerging and disruptive technologies with a primary emphasis on Artificial Intelligence (AI), Generative AI (GenAI), and Large Language Models (LLMs).

As AI rapidly embeds itself into BMS's clinical, commercial, and operational functions, this role is critical to ensuring that AI deployments are safe, compliant, and operationally resilient. The Senior Manager will lead BMS's Secure AI GRC program, partnering closely with business technology leaders, Legal, Privacy, Enterprise Architecture, and external advisors to operationalize AI risk frameworks, archetype-based control models, and regulatory compliance programs across a global, highly regulated pharmaceutical environment.

This is a high-visibility, cross-functional leadership role that requires both deep technical GRC expertise and the executive presence to influence senior stakeholders and translate complex risk topics into clear, actionable guidance.

Key Responsibilities:

  • Lead the design, implementation, and continuous improvement of BMS’s AI governance framework, including archetype-based control models covering risk classification, control objectives, implementation patterns, and acceptable evidence standards.

  • Conduct structured reviews of emerging AI technologies and tools being considered for enterprise adoption, evaluating each against BMS’s risk appetite, security standards, and regulatory obligations before deployment approval.

  • Lead AI risk and conformity assessments aligned to the EU AI Act, NIST AI RMF, ISO/IEC 42001, and applicable global privacy regulations (GDPR, EDPB, state-level AI laws), including risk classification for high-risk use cases across Clinical, Commercial, and R&D domains.

  • Assess GenAI tools and LLM deployments including Claude (via AWS Bedrock), ChatGPT, and other third-party services for data privacy, contractual, and data residency implications; navigate legal and licensing constraints including third-party data ingestion restrictions and BMS-controlled vs. SaaS deployment considerations.

  • Partner with business, technology, Legal, and Privacy stakeholders to define and implement controls for approved AI technologies, ensuring controls are practical, embedded in workflows, and aligned to identified risks.

  • Design and execute control testing programs for AI-specific controls, including pre-deployment validation, post-deployment effectiveness testing, and periodic re-assessment as AI capabilities and risk profiles evolve; document results, gaps, and remediation plans and track findings through to closure.

  • Collaborate with Cloud and security engineering to embed foundational GRC controls at the AI gateway and control plane levels prior to production deployment, incorporating model traceability, privacy-by-design, and audit trail requirements.

  • Serve as GRC subject matter expert on BMS’s Secure AI, translating complex risk assessments and control testing outcomes into executive-ready presentations, actionable guidance, and governance reporting for senior leadership.

  • Provide practical guidance to business units on compliant AI tool usage, risk-appetite alignment, and governance requirements; serve as a trusted advisor to product and technology teams navigating the AI review and approval process.

  • Monitor and assess risks from next-generation AI capabilities including agentic AI, multi-modal GenAI, synthetic data pipelines, and quantum-accelerated inference

Qualifications & Requirements:

Education:

  • Bachelor's degree required in Information Security, Computer Science, Risk Management, Data Science, or a related field.

Experience — Required:

  • 8+ years of progressive experience in GRC, information security, or technology risk, with at least 2–3 years directly focused on AI, emerging technology, or data governance.

  • Demonstrated success designing and operationalizing GRC control frameworks for AI or advanced technology platforms in a large, complex enterprise.

  • Hands-on experience with AI governance frameworks: NIST AI RMF, EU AI Act compliance, and/or ISO/IEC 42001 or 23894.

  • Experience assessing LLM/GenAI tools for enterprise deployment risk including prompt injection, hallucination risk, IP leakage, and training data privacy.

  • Strong understanding of cloud-based AI deployment architectures and the data residency/privacy implications of BMS-controlled vs. third-party SaaS environments.

  • Proven ability to influence and communicate with senior executives and external advisors

Experience — Preferred:

  • Experience in Life Sciences, Pharma, or a highly regulated industry (FDA oversight, GxP, clinical data governance).

  • Experience with AI gateway architecture, API security controls, and control plane governance.

  • Exposure to agentic AI systems, model cards, data lineage frameworks, and model lifecycle governance.

Key Competencies & Skills:

Technical GRC Skills:

  • AI/ML risk assessment & model governance

  • EU AI Act, NIST AI RMF, ISO 42001

  • GenAI & LLM risk (hallucination, prompt injection, IP)

  • Cloud architecture & AI gateway controls (AWS/Azure)

  • Data lineage, model traceability, audit readiness

  • GRC platform tooling (ServiceNow, OneTrust)

Leadership & Business Skills:

  • Executive presence & risk communication

  • Cross-functional stakeholder influence

  • Program management & workstream coordination

  • Vendor & consultant management

  • Training & change management

Certifications — Highly Valued:

  • GARP RAI (Responsible AI) Certificate

  • CISSP or CISA (for broader security context)

If you come across a role that intrigues you but doesn’t perfectly line up with your resume, we encourage you to apply anyway. You could be one step away from work that will transform your life and career.

Compensation Overview:

Princeton - NJ - US: $143,230 - $173,555

The starting compensation range(s) for this role are listed above for a full-time employee (FTE) basis. Additional incentive cash and stock opportunities (based on eligibility) may be available. The starting pay rate takes into account characteristics of the job, such as required skills, where the job is performed, the employee’s work schedule, job-related knowledge, and experience. Final, individual compensation will be decided based on demonstrated experience.

Eligibility for specific benefits listed on our careers site may vary based on the job and location. For more on benefits, please visit

Benefit offerings are subject to the terms and conditions of the applicable plans in effect at the time and may require enrollment. Our benefits include:

  • Health Coverage: Medical, pharmacy, dental, and vision care.

  • Wellbeing Support: Programs such as BMS Well-Being Account, BMS Living Life Better, and Employee Assistance Programs (EAP).

  • Financial Well-being and Protection: 401(k) plan, short- and long-term disability, life insurance, accident insurance, supplemental health insurance, business travel protection, personal liability protection, identity theft benefit, legal support, and survivor support.

0Work-life benefits include:

Paid Time Off

  • US Exempt Employees: flexible time off (unlimited, with manager approval, 11 paid national holidays (not applicable to employees in Phoenix, AZ, Puerto Rico or Rayzebio employees)

  • Phoenix, AZ, Puerto Rico and Rayzebio Exempt, Non-Exempt, Hourly Employees: 160 hours annual paid vacation for new hires with manager approval, 11 national holidays, and 3 optional holidays

Based on eligibility*, additional time off for employees may include unlimited paid sick time, up to 2 paid volunteer days per year, summer hours flexibility, leaves of absence for medical, personal, parental, caregiver, bereavement, and military needs and an annual Global Shutdown between Christmas and New Years Day.

All global employees full and part-time who are actively employed at and paid directly by BMS at the end of the calendar year are eligible to take advantage of the Global Shutdown.

*Eligibility Disclosure: The summer hours program is for United States (U.S.) office-based employees due to the unique nature of their work. Summer hours are generally not available for field sales and manufacturing operations and may also be limited for the capability centers. Employees in remote-by-design or lab-based roles may be eligible for summer hours, depending on the nature of their work, and should discuss eligibility with their manager. Employees covered under a collective bargaining agreement should consult that document to determine if they are eligible. Contractors, leased workers and other service providers are not eligible to participate in the program.

About BristolMyers Squibb

BristolMyers Squibb Careers

Join the vibrant team at BristolMyers Squibb, a leader in global biopharmaceutical innovation, where your career growth is as important as the life-changing solutions we develop. At BristolMyers Squibb, we are committed to fostering a diverse and inclusive workplace that encourages professional growth and development. Work You’ll Do Embark on a career with BristolMyers Squibb and be part of a company that’s dedicated to discovering, developing, and delivering innovative medicines that help patients prevail over serious diseases. With us, you’ll contribute to a culture that embraces scientific innovation, responsible leadership, and community outreach. Explore job opportunities in various fields from research to marketing, and join a team that values leadership and diversity. Our commitment to career growth means we support your journey with extensive training programs, leadership development opportunities, and a global, diverse network of professionals. Innovative Work At BristolMyers Squibb, innovation is at the core of everything we do. From pioneering research in oncology to breakthroughs in immunology, our professionals have the opportunity to make significant contributions to the field and impact lives globally. Our collaborative environment encourages team members to challenge the status quo and bring forward ideas that pave the way for groundbreaking solutions. Be Part of a Great Team Working at BristolMyers Squibb means being part of a team that supports your aspirations and shares your values. Our culture thrives on teamwork, respect, and diversity, creating a workplace where everyone can achieve their potential. Enjoy the benefits of being part of a company that values work-life balance, provides competitive benefits, and fosters an environment where skills and leadership are developed through hands-on experience and comprehensive mentorship programs. Future-Proof Your Career With a multitude of job opportunities ranging from internships to full-time positions, BristolMyers Squibb is not just hiring; we’re building futures. We equip our employees with the tools needed for success, including advanced training in diverse skill sets, leadership programs, and opportunities for professional networking and growth. Stay Connected Join Our Team Search open positions that match your skills and interests. We are looking for passionate, curious, and innovative team players who are ready to make a difference. Explore our career portal for all current job listings and be sure to submit your resume. Keep Up to Date Stay informed with the latest company news, career tips, and industry insights from BristolMyers Squibb. Our careers blog is a resource for potential and current employees looking to maximize their career potential. Job Alert Emails Customize your subscription to receive job alerts and insider information tailored to your preferences. Discover the exciting and rewarding career opportunities that await at BristolMyers Squibb. At BristolMyers Squibb, your career is just the beginning – it’s a pathway to personal and professional fulfillment. Join us and make a global impact.
Learn more about BristolMyers Squibb
Size
32,200 employees
Market Cap
$156.3 billion
Industry
Net Income
-$9 billion
Founded
1887
5 Year Trend
+19%
Revenue
$42.5 billion
NASDAQ

Similar Jobs

More Jobs at BristolMyers Squibb

More Pharmaceuticals & Biotech Jobs

Find similar Senior Manager, Emerging Technology Risk jobs: