Cloud Compliance and Security Analyst
Working with Us
Challenging. Meaningful. Life-changing. Those aren’t words that are usually associated with a job. But working at Bristol Myers Squibb is anything but usual. Here, uniquely interesting work happens every day, in every department. From optimizing a production line to the latest breakthroughs in cell therapy, this is work that transforms the lives of patients, and the careers of those who do it. You’ll get the chance to grow and thrive through opportunities uncommon in scale and scope, alongside high-achieving teams rich in diversity. Take your career farther than you thought possible.
Bristol Myers Squibb recognizes the importance of balance and flexibility in our work environment. We offer a wide variety of competitive benefits, services and programs that provide our employees with the resources to pursue their goals, both at work and in their personal lives. Read more: careers.bms.com/working-with-us
The Cloud Computing group is part of the Global Information Technology Core Services organization providing innovative technical solutions across the enterprise. This position reports to the Director, Cloud FinOps and Compliance and will be responsible for cloud compliance and security.
As part of the cloud engineering team, you will help to support cloud infrastructure, explore cloud native and hybrid solutions, and provide those solutions to the various communities utilizing cloud based services. The successful candidate will partner closely with development teams, managed service providers, business partners, technical functions, and Cyber Security.
- Ensure frictionless access to our cloud services while maintaining security and data protection
- Enable DevOps teams, COTS vendors, and power users to utilize the services we provide
- Provide specialized and differentiated services to organizations as needed
- Provide support needed for development communities and other teams to realize full benefits of cloud services
- Help teams secure their data and applications through compliance to cloud security controls
- Instill amongst our consumers a sense of ownership and responsibility for the services they create/consume
- Further the adoption of cloud compliance and security best practices through ownership of training, education, and awareness campaigns
- Collaborate and partner with internal stakeholders on compliance to required controls and monitor effectiveness against the controls
- Act as Internal/External Audit Liaison
- Support teams in achieving security compliance across infrastructure resources in all cloud platforms
- Maintain and update as needed, the cloud controls framework and ensure key controls align with company policies
- Develop compliance reports that identify compliance controls and gaps
- Develop and utilize metrics and KPIs to assure compliance program success and progress
- Provide day to day support for the governance, management, and coordination of activities related to the cloud compliance and security
- Demonstrated knowledge of infrastructure components (e.g. cloud platform - AWS, GCP, Azure, containerization, compute, storage, and compliance controls)
- Scripting skills, i.e., Python, Bash, Ruby, Perl, PowerShell, etc.
- Exposure to /experience with security compliance framework (NIST; CIS), cyber security, firewalls, encryption controls, elevated privilege models and key management
- Hands-on technical practitioner
- Automation experience
- Compliance focused and results driven
- Works with a high level of independence and ability to make decisions
- Good organizational, analytical, and planning skills
- Strong verbal and written communication skills, with the ability to work effectively across internal and external organizations
Qualifications and Skills:
- Preferred: Bachelor of Science technical degree - Computer Science or Engineering, or commensurate experience
- Preferred: certifications (CISA; CISSP; CISM), or training relative to position and future career goals
If you come across a role that intrigues you but doesn’t perfectly line up with your resume, we encourage you to apply anyway. You could be one step away from work that will transform your life and career.
Uniquely Interesting Work, Life-changing Careers
With a single vision as inspiring as “Transforming patients’ lives through science™ ”, every BMS employee plays an integral role in work that goes far beyond ordinary. Each of us is empowered to apply our individual talents and unique perspectives in an inclusive culture, promoting diversity in clinical trials, while our shared values of passion, innovation, urgency, accountability, inclusion and integrity bring out the highest potential of each of our colleagues.
Physical presence at the BMS worksite or physical presence in the field is a necessary job function of this role, which the Company deems critical to collaboration, innovation, productivity, employee well-being and engagement, and it enhances the Company culture.
To protect the safety of our workforce, customers, patients and communities, the policy of the Company requires all employees and workers in the U.S. and Puerto Rico to be fully vaccinated against COVID-19, unless they have received an exception based on an approved request for a medical or religious reasonable accommodation. Therefore, all BMS applicants seeking a role located in the U.S. and Puerto Rico must confirm that they have already received or are willing to receive the full COVID-19 vaccination by their start date as a qualification of the role and condition of employment. This requirement is subject to state and local law restrictions and may not be applicable to employees working in certain jurisdictions such as Montana. This requirement is also subject to discussions with collective bargaining representatives in the U.S.
BMS is dedicated to ensuring that people with disabilities can perform complex functions through a transparent recruitment process, reasonable workplace adjustments and ongoing support in their roles. Applicants can request an accommodation prior to accepting a job offer. If you require reasonable accommodation in completing this application, or in any part of the recruitment process, direct your inquiries to firstname.lastname@example.org. Visit careers.bms.com/eeo-accessibility to access our complete Equal Employment Opportunity statement.
BMS will consider for employment qualified applicants with arrest and conviction records, pursuant to applicable laws in your area.
Any data processed in connection with role applications will be treated in accordance with applicable data privacy policies and regulations.