Job Description

At Bristol Myers Squibb, we are inspired by a single vision – transforming patients’ lives through science. In oncology, hematology, immunology and cardiovascular disease – and one of the most diverse and promising pipelines in the industry – each of our passionate colleagues contribute to innovations that drive meaningful change. We bring a human touch to every treatment we pioneer. Join us and make a difference.

BMS is looking for a candidate owning the mission of securing a supply chain of life-saving medicines. The Ecosystem Security and Protection (ESP) program exist to understand, protect, manage, and mitigate the external risks to BMS from our supply chain, merger/acquisition strategy, geographical strategy, and data privacy regulation/compliance. The Ecosystem Security candidate is responsible for leading the execution of the Supply Chain Cyber Risk program, establishing/executing assessment and remediation plans against our vendor ecosystem, and working with other cybersecurity functions to manage supplier, partner, and vendor risk.

Primary Responsibilities of this role include:

• Leading innovation in the onboarding and monitoring third party engagements including performing/facilitating/documenting all efforts and results in the company system of record
• Manages the timely execution of projects providing innovation, efficiency, and scale to the Supply Chain Cyber Risk Program
• Active engagement with operational vendor managers, corporate control groups, and vendors (third parties) to identify and translate potential risks related to the vendor's engagement (product/service).
• Liaison between the Procurement, Business Units and within IT to identify, investigate and remediate vendor and supplier engagements
• Leading the facilitation and management of the appropriate due diligence. As well as additional investigations aimed to understand the risk presented by the engagement to BMS.
• Leading the efforts of reading/analyzing vendor engagements, including contractual terms, that present risk and liability
• Leverage third-party software to obtain vendor detail for company usage consideration
• Communicate vendor risk concepts in simplified, understandable terms to various parties
• Continued monitoring and management of third-party engagements
• Provide timely response to inquiries from business stakeholders and vital suppliers
• Establish a business partner relationship with key suppliers, partners, and vendors within the BMS ecosystem
• Manage the performance objectives, performance reviews, coaching, and all other personnel matters for the risk team
• Establish consistent reporting of supply chain risks to business stakeholders, IT leadership, global sourcing/procurement, and the vital supply chain

Desired Experience:

• Experience as a risk professional and inclusive team leader
• Ability to evaluate and manage supplier risk
• Experience defining, monitoring, and reporting Cybersecurity metrics
• Experience contributing to Cybersecurity policies and Standard Operating Procedures
• Seasoned direct and matrix management skills, with a particular emphasis on energizing and developing talent.
• Ability to influence at an executive level both internally and externally.
• Excellent written, oral and presentation skills and an ability to synthesize complex and technical information into clear recommendations on course of action.
• Excellent customer service and customer support skills.
• Detail orientation and strong analytical skills
• High level of self-motivation and initiative, and ability to operate as a team player.
• Willingness to offer thought leadership, to think creatively, and to offer new ways to approach old problems
• Flexibility and ability to think creatively and to identify new ways to approach old problems.
• Ability to identify and pursue multiple initiatives simultaneously and deliver superior results.
• Security certifications including CISSP, CSSLP, CISM, are a plus.

Around the world, we are passionate about making an impact on the lives of patients with serious diseases. Empowered to apply our individual talents and diverse perspectives in an inclusive culture, our shared values of passion, innovation, urgency, accountability, inclusion and integrity bring out the highest potential of each of our colleagues.

Bristol Myers Squibb recognizes the importance of balance and flexibility in our work environment. We offer a wide variety of competitive benefits, services and programs that provide our employees with the resources to pursue their goals, both at work and in their personal lives. 

Physical presence at the BMS worksite or physical presence in the field is an essential job function of this role which the Company deems critical to collaboration, innovation, productivity, employee well-being and engagement, and enhances the Company culture.

To protect the safety of our workforce, customers, patients and communities, the policy of the Company requires all employees and workers in the U.S. and Puerto Rico to be fully vaccinated against COVID-19, unless they have received an exception based on an approved request for a medical or religious reasonable accommodation.  Therefore, all BMS applicants seeking a role located in the U.S. and Puerto Rico must confirm that they have already received or are willing to receive the full COVID-19 vaccination by their start date as a qualification of the role and condition of employment.  This requirement is subject to state and local law restrictions and may not be applicable to employees working in certain jurisdictions such as Montana. This requirement is also subject to discussions with collective bargaining representatives in the U.S.

Our company is committed to ensuring that people with disabilities can excel through a transparent recruitment process, reasonable workplace adjustments and ongoing support in their roles. Applicants can request an approval of accommodation prior to accepting a job offer. If you require reasonable accommodation in completing this application or if you are applying to a role based in the U.S. or Puerto Rico and you believe that you are unable to receive a COVID-19 vaccine due to a medical condition or sincerely held religious belief, during or any part of the recruitment process, please direct your inquiries to adastaffingsupport@bms.com. Visit careers.bms.com/eeo-accessibility to access our complete Equal Employment Opportunity statement.

Any data processed in connection with role applications will be treated in accordance with applicable data privacy policies and regulations.