Bristol Myers Squibb logo

Senior Counsel, Data Governance, Law & Compliance

Bristol Myers Squibb
June 30, 2026
Remote friendly (Princeton, NJ)
United States
Corporate Functions
Position Summary
Senior Counsel, Data Governance, Law & Compliance provides legal and compliance leadership for enterprise data governance and responsible AI adoption in a regulated life sciences environment, partnering with BI&T and Privacy Law & Compliance.

Key Responsibilities
- Provide legal counsel on enterprise data governance across the data lifecycle (classification, access, use, sharing, retention, disposition).
- Advance data governance operating model/accountability and governance forums.
- Draft data governance policies/standards (classification, acceptable use/handling, records & retention, residency & cross-border transfers, third-party handling, privilege handling, trade secret protection, crown jewel protection).
- Collaborate on responsible AI standards and secondary use/reuse frameworks so AI pipeline data is lawful and contractually permitted.
- Partner with Privacy on personal data/privacy matters and align governance controls with the privacy program.
- Advise on non-privacy obligations across clinical/real world data, GxP data integrity, commercial/financial data (MNPI, SOX), and HR/employee data.
- Track/interpret global data & AI laws/standards and translate into policies/playbooks/training.
- Partner with external advisors; review deliverables for legal soundness.
- Work with Information Security to ensure enforceable controls and defensible evidence.
- Review/negotiage data-related contractual provisions with vendors/partners (use, residency, downstream restrictions, audit rights) with Privacy and technology contracting.
- Design/deliver data governance training; maintain documentation for audit readiness.

Qualifications
- JD (or equivalent) and active bar membership in at least one U.S. jurisdiction.
- 7–10 years legal experience (top law firm or in-house).
- 2+ years data governance or information law, building/implementing a data governance program.
- Command of data governance/records management/cross-border transfer/export control/trade secret/AI-data regulatory frameworks; familiarity with privacy law (HIPAA, GDPR, U.S. state regimes).
- Translate legal requirements into operational/technical controls with info security/privacy/data platform teams.
- Strong drafting, analytical, and stakeholder management; independent in fast-moving environments.
- Sound judgment/discretion.

Preferred Skills
- CIPP (US/E), CIPM, IAPP AIGP, and/or CIPT.
- Life sciences/pharma/biotech/healthcare experience; GxP data integrity; FDA/EMA/PMDA inspection support.
- AI governance experience (provenance, secondary use, model lifecycle controls); SOC 2/ISO 27001/27701/42001; vendor data risk review/contracting.

Compensation & Benefits (if applicable)
- Princeton, NJ, US: $221,340–$268,212.
- Benefits include medical/pharmacy/dental/vision; wellbeing support; 401(k); short/long-term disability; life and accident insurance; legal support; survivor support.
- Paid time off (flexible time off for US exempt employees; annual vacation/holidays for certain Phoenix/Puerto Rico/Rayzebio roles).