Senior IT Risk Analyst at Bristol Myers Squibb - ScoutJobs - The AI-curated global job board
Skip to content
Bristol Myers Squibb
Posted 6 days ago

Senior IT Risk Analyst

Bristol Myers Squibb

Requirements

5–10 years IT risk management experience, Knowledge of NIST Cyber Risk Management Framework, Knowledge of NIST 800-53, Experience with GDPR, EU AI Act, or CCPA, Advanced experience with GRC platforms, Experience with AI/ML or emerging technology risk

Skills

risk managementCybersecurityNISTGDPRServiceNowAI

About the role

Responsibilities

  • Serve as the senior analytical authority for complex, high-tier risk cases, including Cyber Risk, AI risk, and cross-jurisdictional privacy complexity.
  • Provide strategic risk advisory support to IT leadership, Legal/Privacy, and business stakeholders, translating complex landscapes into actionable guidance.
  • Own the integrity of risk determination records for high-profile programs and provide independent reviews for ambiguous risk signals.
  • Monitor patterns across risk assessments to identify systematic accuracy issues, framework gaps, or emerging risk themes.
  • Support the evolution of the integrated risk framework and contribute to continuous monitoring initiatives.
  • Lead engagement with senior project sponsors, IT architects, and Compliance teams on high-complexity assessments.
  • Ensure audit-ready documentation standards and validate complex GRC records for accuracy and defensibility.
  • Mentor and guide junior analysts, serving as a calibration resource and quality anchor for the team.

Requirements

  • 5–10 years of progressive experience in IT risk management, cybersecurity risk, IT audit, or privacy compliance.
  • Deep knowledge of NIST Cyber Risk Management Framework and NIST 800-53 controls library.
  • Proficiency with at least one major privacy regulatory framework, such as GDPR, EU AI Act, or CCPA.
  • Advanced experience working with GRC platforms (e.g., ServiceNow GRC or equivalent).
  • Proven experience with AI/ML, automation, or emerging technology risk programs.
  • Strong executive communication skills with experience presenting findings to senior leadership or audit audiences.

Preferred Qualifications

  • Experience in digital transformation and data privacy risk governance.
  • Ability to drive alignment across Legal, Privacy, IT, and Business functions without formal authority.
  • Strategic mindset with the ability to interpret system-generated risk signals in an automation-enabled environment.

About the Company

Bristol Myers Squibb is a global biopharmaceutical company with a mission to discover, develop, and deliver innovative medicines that help patients prevail against serious diseases. We offer a supportive culture that promotes global participation and shared values of passion, innovation, and integrity.

ScoutJobs Agent

Get matches like this delivered daily

Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.

Get started — it's free

Senior IT Risk Analyst

Bristol Myers Squibb · Hyderabad

Sign up to apply