Director Data Risk & Protection

Bristol Myers Squibb

Quick summary

Work type: On-site
Location: Princeton, NJ
Salary: $188,790–$228,763 / yr
Posted: 6 days ago
Closes: Aug 7, 2026

Market check

Salary context

Competitive pay

How this pay compares to similar roles

[Chart: pay comparison on a scale from $141k to $238k, with a shaded band where most similar roles pay. Similar roles: $193k. This role: $209k.]

This role pays more than 62% of similar roles. Most pay $158,557–$226,601 — the shaded band above. At the midpoint, this role pays about $209k versus about $193k for comparable roles.

Based on 239 similar postings.

Employer

About Bristol Myers Squibb

Bristol Myers Squibb is a global biopharmaceutical company committed to discovering, developing and delivering innovative medicines to patients.

Bristol Myers Squibb currently has 31 open roles on FindRole.

Listed pay typically runs $137,530–$166,654 across 31 roles with salary data.

At a glance

TL;DR · Director Data Risk & Protection

As a Director of Data Risk and Protection at BMS, you will lead the development and execution of an enterprise-wide data risk and protection strategy that aligns with regulatory requirements and broader cybersecurity goals. Your responsibilities include designing and implementing an operating model for data risk management, establishing comprehensive programs for policy governance and incident response, and developing multi-year capability roadmaps. You will work closely with technical teams to operationalize insider threat monitoring and analytics capabilities, oversee the end-to-end lifecycle of insider risk cases, and ensure timely and proportionate incident responses. Additionally, you will manage BMS’s enterprise DLP program across various platforms, govern data classification policies, and collaborate with Legal, HR, Compliance, and Privacy teams to develop and maintain data protection policies. This role requires 10+ years of experience in cybersecurity and data risk management, strong technical fluency in tools like SIEM, UEBA, DLP, and cloud security platforms, and expertise in legal and privacy considerations relevant to the pharmaceutical industry.

What you'll do

  • Define and lead the enterprise Data Risk and Protection strategy.
  • Design and implement the operating model for data risk protection, including team structure and process workflows.
  • Establish and continuously evolve a comprehensive Data Risk & Protection program with clear KPIs.
  • Develop and execute a multi-year capability roadmap with measurable outcomes.
  • Lead the scaling of the Data Risk & Protection function, building specialist capabilities.

What we're looking for

  • 10+ years of experience in cybersecurity and data risk management in large enterprises.
  • Proven track record leading complex, enterprise-scale security programs in regulated industries.
  • Strong technical expertise with SIEM, UEBA, DLP, IAM, PAM, and cloud security platforms.
  • Familiarity with legal, privacy, and ethical considerations related to employee monitoring and data protection.
  • Ability to build and lead a high-performing multidisciplinary team and drive measurable outcomes.
  • Experience in leading complex investigations involving cross-functional coordination with Legal, HR, Compliance.
  • Strong analytical skills using metrics and dashboards to measure program impact and identify improvements.

More like this

Similar roles

Sr. Risk Manager, Data Protection

Capital One Financial

Richmond, VA +3 · 41 days ago · $229,900–$262,400
AWS NIST_Cybersecurity_Framework NIST_800_53 ISO_27001 CISSP CISM CRISC Encryption Tokenization Data_Labeling Cryptography Cyber_Risk_Management Data_Protection Technical_Assessments

Director Application & Data Technology Risk

The Hartford

Columbus, OH +2 · 39 days ago · $153,600–$230,400
DevOps CI/CD SDLC AI GenAI Cloud-Native Services Agile Delivery Infrastructure as Code Terraform AWS Azure Google Cloud Platform Kubernetes Docker PostgreSQL MongoDB CIS Controls NIST COBIT Python JavaScript Java CI/CD Pipelines APIs Identity and Access Management Logging and Monitoring Network Security Encryption Resiliency
Hybrid

Director Cybersecurity

Abbott

Alameda, CA +2 · 33 days ago · $172,000–$344,000
AWS Azure GCP Kubernetes Terraform Python Go Docker CI/CD Prometheus Grafana ISO 27001 ISO 27002 ISO 13485 IEC 62304 FDA cybersecurity guidance HIPAA GDPR 21 CFR Part 11 Secure SDLC Threat modeling Application security testing Dependency risk management IAM Network security Logging/monitoring Secrets management Infrastructure-as-code security Vulnerability management Incident response Penetration tests Red team exercises Security code reviews Third-party risk management SBOM/CBOM practices Vendor security reviews

Director, Technology & Cyber Risk Metrics

Capital One Financial

Richmond, VA +1 · 17 days ago · $230,400–$263,000
Python SQL Azure AWS GCP Kubernetes Docker CI/CD Prometheus Grafana PostgreSQL Snowflake GitLab Jira Confluence NIST ISO27001 SOC2 DevOps Agile

Director, Information Security Officer

Capital One Financial

McLean, VA +2 · 34 days ago · $269,100–$307,200
AWS Azure GCP DevOps CI/CD Kubernetes Docker Microservices Serverless APIs Encryption Zero Trust NIST CSF FFIEC CAT CIS RAM PCI DSS Generative AI Data Lakes Cloud Services Containers

Director, Exposure Management (Cybersecurity Defense)

Cardinal Health

Remote (Us-Nationwide-Field, US) · 14 days ago · $135,400–$208,100
Rapid7 AWS Azure GCP CI/CD NIST CSF ISO 27001 DLP DSPM CNAPP CASB Vulnerability Management Configuration Management Firewall Monitoring Risk-Based Prioritization Endpoint Security Mobile Security Data Protection Cloud Security Network Security Security Configuration Standards Automation Kubernetes Terraform
Remote