Job was saved successfully.
Job was removed from Saved Jobs.

Job Details

Bristol Myers Squibb

Cloud Compliance and Security Analyst


Cyber Security Analyst


Princeton, New Jersey, United States

Working with Us
Challenging. Meaningful. Life-changing. Those aren’t words that are usually associated with a job. But working at Bristol Myers Squibb is anything but usual. Here, uniquely interesting work happens every day, in every department. From optimizing a production line to the latest breakthroughs in cell therapy, this is work that transforms the lives of patients, and the careers of those who do it. You’ll get the chance to grow and thrive through opportunities uncommon in scale and scope, alongside high-achieving teams rich in diversity. Take your career farther than you thought possible.

Bristol Myers Squibb recognizes the importance of balance and flexibility in our work environment. We offer a wide variety of competitive benefits, services and programs that provide our employees with the resources to pursue their goals, both at work and in their personal lives. Read more:


The Cloud Computing group is part of the Global Information Technology Core Services organization providing innovative technical solutions across the enterprise. This position reports to the Director, Cloud FinOps and Compliance and will be responsible for cloud compliance and security.

As part of the cloud engineering team, you will help to support cloud infrastructure, explore cloud native and hybrid solutions, and provide those solutions to the various communities utilizing cloud based services. The successful candidate will partner closely with development teams, managed service providers, business partners, technical functions, and Cyber Security.


  • Ensure frictionless access to our cloud services while maintaining security and data protection
  • Enable DevOps teams, COTS vendors, and power users to utilize the services we provide
  • Provide specialized and differentiated services to organizations as needed
  • Provide support needed for development communities and other teams to realize full benefits of cloud services
  • Help teams secure their data and applications through compliance to cloud security controls
  • Instill amongst our consumers a sense of ownership and responsibility for the services they create/consume
  • Further the adoption of cloud compliance and security best practices through ownership of training, education, and awareness campaigns
  • Collaborate and partner with internal stakeholders on compliance to required controls and monitor effectiveness against the controls
  • Act as Internal/External Audit Liaison
  • Support teams in achieving security compliance across infrastructure resources in all cloud platforms
  • Maintain and update as needed, the cloud controls framework and ensure key controls align with company policies
  • Develop compliance reports that identify compliance controls and gaps
  • Develop and utilize metrics and KPIs to assure compliance program success and progress
  • Provide day to day support for the governance, management, and coordination of activities related to the cloud compliance and security

Skills/Knowledge Required:

  • Demonstrated knowledge of infrastructure components (e.g. cloud platform - AWS, GCP, Azure, containerization, compute, storage, and compliance controls)
  • Scripting skills, i.e., Python, Bash, Ruby, Perl, PowerShell, etc.
  • Exposure to /experience with security compliance framework (NIST; CIS), cyber security, firewalls, encryption controls, elevated privilege models and key management
  • Hands-on technical practitioner
  • Automation experience
  • Compliance focused and results driven
  • Works with a high level of independence and ability to make decisions
  • Good organizational, analytical, and planning skills
  • Strong verbal and written communication skills, with the ability to work effectively across internal and external organizations

Qualifications and Skills:

  • Preferred: Bachelor of Science technical degree - Computer Science or Engineering, or commensurate experience
  • Preferred: certifications (CISA; CISSP; CISM), or training relative to position and future career goals

If you come across a role that intrigues you but doesn’t perfectly line up with your resume, we encourage you to apply anyway. You could be one step away from work that will transform your life and career.

Uniquely Interesting Work, Life-changing Careers
With a single vision as inspiring as “Transforming patients’ lives through science™ ”, every BMS employee plays an integral role in work that goes far beyond ordinary. Each of us is empowered to apply our individual talents and unique perspectives in an inclusive culture, promoting diversity in clinical trials, while our shared values of passion, innovation, urgency, accountability, inclusion and integrity bring out the highest potential of each of our colleagues.

On-site Protocol
Physical presence at the BMS worksite or physical presence in the field is a necessary job function of this role, which the Company deems critical to collaboration, innovation, productivity, employee well-being and engagement, and it enhances the Company culture.

BMS is dedicated to ensuring that people with disabilities can excel through a transparent recruitment process, reasonable workplace accommodations/adjustments and ongoing support in their roles. Applicants can request a reasonable workplace accommodation/adjustment prior to accepting a job offer. If you require reasonable accommodations/adjustments in completing this application, or in any part of the recruitment process, direct your inquiries to Visit to access our complete Equal Employment Opportunity statement.

BMS cares about your well-being and the well-being of our staff, customers, patients, and communities. As a result, the Company strongly recommends that all employees be fully vaccinated for Covid-19 and keep up to date with Covid-19 boosters.

BMS will consider for employment qualified applicants with arrest and conviction records, pursuant to applicable laws in your area.

Any data processed in connection with role applications will be treated in accordance with applicable data privacy policies and regulations.