Executive Director - Operational Risk Assessment & Oversight

Working with Us
Challenging. Meaningful. Life-changing. Those aren’t words that are usually associated with a job. But working at Bristol Myers Squibb is anything but usual. Here, uniquely interesting work happens every day, in every department. From optimizing a production line to the latest breakthroughs in cell therapy, this is work that transforms the lives of patients, and the careers of those who do it. You’ll get the chance to grow and thrive through opportunities uncommon in scale and scope, alongside high-achieving teams. Take your career farther than you thought possible.

Bristol Myers Squibb recognizes the importance of balance and flexibility in our work environment. We offer a wide variety of competitive benefits, services and programs that provide our employees with the resources to pursue their goals, both at work and in their personal lives. Read more: careers.bms.com/working-with-us.

Position Summary

The Executive Director, Operational Risk Assessment & Oversight is a senior risk leader within Strategic Risk Management (SRM), accountable for independent, second-line assessment quality, oversight, and escalation of operational risks arising from third-party relationships and ESG-related risk, including human rights.

Operational risk in this context refers to risks originating from internal operations, supply chain sourcing, suppliers, contractors, and other third-party relationships that may have enterprise-level impact if unmanaged.

This role ensures that designated operational risk domains are assessed consistently, calibrated against risk appetite, supported by aligned metrics and KPIs, and escalated appropriately into the enterprise risk portfolio owned by Strategic Risk Portfolio & Intelligence.

The role is intentionally designed to reinforce oversight, risk monitoring enablement, and escalation. 

Key Responsibilities

• Enterprise Operational Risk Assessment & Oversight

• Ensure consistent calibration of inherent, residual, and out-of-tolerance risk.

• Maintain risk metrics and KPIs aligned to the strategic risk framework, enabling ongoing risk monitoring across the organization.

• Apply SRM risk appetite to determine when risks require elevation into enterprise risk forums.

• Support risk domains with tracking and mitigation of enterprise level third party and human rights related inherent and residual risk

Risk Triangulation Across Domains

• Triangulate third party and ESG related risk signals across domains (i.e. procurement, supply chain, cyber, quality, compliance, legal, ESG, and resilience).

• Identify systemic, concentration, and compounding operational risk not visible within single domains.

• Synthesize inputs into a clear, decision-ready operational risk view.

Third-Party & ESG-Related Risk Oversight (Including Human Rights)

• Comprehensive, enterprise oversight of third-party and ESG-related operational risk assessments across risk domains.

• Ensure human rights risk is assessed using risk-based, enterprise-consistent criteria, not programmatic indicators.

• Monitor regulatory, geopolitical, and stakeholder developments that may shift risk posture.

Escalation, Insight & Reporting

• Serve as the SRM escalation point for material third-party and ESG-related operational risks.

• Provide Senior Leader-ready and Audit Committee-ready insight grounded in metrics, trends, and forward-looking indicators.

• Partner with Strategic Risk Portfolio & Intelligence to ensure escalated risks are decision-ready.

Leadership & Influence

• Lead a focused SRM team delivering assessment rigor, monitoring enablement, and advisory support.

• Influence across functions without direct authority, reinforcing first-line accountability.

• Strategize and lead executive and audit committee reporting on third-party risk oversite. 

• Model disciplined escalation and enterprise-level thinking.

Key Stakeholders

• Enterprise Risk Committee & Audit Committee

• Procurement & Supplier Management (execution owner)

• Sustainability and Social Impact

• Risk Domains (Cyber, Quality, Compliance, Legal, Resilience)

• Internal Audit

Qualifications

• B.S./B.A.

• 12–15 years of experience in operational risk, third-party risk, ESG/human rights, supply chain, or related disciplines

• Significant experience in highly regulated industries (pharma preferred)

• Strong executive presence, judgment, and ability to operate at senior leader and Audit Committee levels

• Experience leveraging analytics and metrics to enable risk monitoring and insight

Preferred Qualifications:

• M.S./M.B.A.

• Professional certifications (e.g., CPM, CPIM, Six Sigma).

#li-hybrid

If you come across a role that intrigues you but doesn’t perfectly line up with your resume, we encourage you to apply anyway. You could be one step away from work that will transform your life and career.

$276,170 - $334,647

The starting compensation range(s) for this role are listed above for a full-time employee (FTE) basis. Additional incentive cash and stock opportunities (based on eligibility) may be available. The starting pay rate takes into account characteristics of the job, such as required skills, where the job is performed, the employee’s work schedule, job-related knowledge, and experience. Final, individual compensation will be decided based on demonstrated experience. 

Eligibility for specific benefits listed on our careers site may vary based on the job and location. For more on benefits, please visit https://careers.bms.com/life-at-bms/.
 

Benefit offerings are subject to the terms and conditions of the applicable plans in effect at the time and may require enrollment. Our benefits include:

• Health Coverage: Medical, pharmacy, dental, and vision care.

• Wellbeing Support: Programs such as BMS Well-Being Account, BMS Living Life Better, and Employee Assistance Programs (EAP).

• Financial Well-being and Protection: 401(k) plan, short- and long-term disability, life insurance, accident insurance, supplemental health insurance, business travel protection, personal liability protection, identity theft benefit, legal support, and survivor support.

​Work-life benefits include:

Paid Time Off

• US Exempt Employees: flexible time off (unlimited, with manager approval, 11 paid national holidays (not applicable to employees in Phoenix, AZ, Puerto Rico or Rayzebio employees)

• Phoenix, AZ, Puerto Rico and Rayzebio Exempt, Non-Exempt, Hourly Employees: 160 hours annual paid vacation for new hires with manager approval, 11 national holidays, and 3 optional holidays

Based on eligibility*, additional time off for employees may include unlimited paid sick time, up to 2 paid volunteer days per year, summer hours flexibility, leaves of absence for medical, personal, parental, caregiver, bereavement, and military needs and an annual Global Shutdown between Christmas and New Years Day.

All global employees full and part-time who are actively employed at and paid directly by BMS at the end of the calendar year are eligible to take advantage of the Global Shutdown. 

*Eligibility Disclosure: The summer hours program is for United States (U.S.) office-based employees due to the unique nature of their work. Summer hours are generally not available for field sales and manufacturing operations and may also be limited for the capability centers. Employees in remote-by-design or lab-based roles may be eligible for summer hours, depending on the nature of their work, and should discuss eligibility with their manager. Employees covered under a collective bargaining agreement should consult that document to determine if they are eligible. Contractors, leased workers and other service providers are not eligible to participate in the program.

Uniquely Interesting Work, Life-changing Careers
With a single vision as inspiring as “Transforming patients’ lives through science™ ”, every BMS employee plays an integral role in work that goes far beyond ordinary. Each of us is empowered to apply our individual talents and unique perspectives in a supportive culture, promoting global participation in clinical trials, while our shared values of passion, innovation, urgency, accountability, inclusion and integrity bring out the highest potential of each of our colleagues.

On-site Protocol

BMS has an occupancy structure that determines where an employee is required to conduct their work. This structure includes site-essential, site-by-design, field-based and remote-by-design jobs. The occupancy type that you are assigned is determined by the nature and responsibilities of your role:

Site-essential roles require 100% of shifts onsite at your assigned facility. Site-by-design roles may be eligible for a hybrid work model with at least 50% onsite at your assigned facility. For these roles, onsite presence is considered an essential job function and is critical to collaboration, innovation, productivity, and a positive Company culture. For field-based and remote-by-design roles the ability to physically travel to visit customers, patients or business partners and to attend meetings on behalf of BMS as directed is an essential job function.

Supporting People with Disabilities

BMS is dedicated to ensuring that people with disabilities can excel through a transparent recruitment process, reasonable workplace accommodations/adjustments and ongoing support in their roles. Applicants can request a reasonable workplace accommodation/adjustment prior to accepting a job offer. If you require reasonable accommodations/adjustments in completing this application, or in any part of the recruitment process, direct your inquiries to adastaffingsupport@bms.com. Visit careers.bms.com/eeo-accessibility to access our complete Equal Employment Opportunity statement.

Candidate Rights

BMS will consider for employment qualified applicants with arrest and conviction records, pursuant to applicable laws in your area.

If you live in or expect to work from Los Angeles County if hired for this position, please visit this page for important additional information: https://careers.bms.com/california-residents/

Data Protection

We will never request payments, financial information, or social security numbers during our application or recruitment process. Learn more about protecting yourself at https://careers.bms.com/fraud-protection.

Any data processed in connection with role applications will be treated in accordance with applicable data privacy policies and regulations.

If you believe that the job posting is missing information required by local law or incorrect in any way, please contact BMS at TAEnablement@bms.com. Please provide the Job Title and Requisition number so we can review. Communications related to your application should not be sent to this email and you will not receive a response. Inquiries related to the status of your application should be directed to Chat with Ripley.

R1599456 : Executive Director - Operational Risk Assessment & Oversight