Digging in

Behavior of BitLocker when a Windows Vista-based computer resumes from sleep mode


Neither the BitLocker Drive Encryption feature nor the TPM chip provides protection against online attacks against the operating system when resuming from sleep mode (sleep = suspend to memory). The standard Windows protections take care of this if they are enabled. If the machine was set to require a password upon resume, then the thief will have to provide a valid username/password in order to unlock the system and use the OS.

The recommendation is that for increased security you use TPM+PIN or TPM+USB startup key and disable sleep (use hibernation instead). This is a classic convenience vs. security tradeoff. BitLocker does not attempt to protect data that is in memory, neither when the machine is running nor when it is sleeping. The best practice when running BitLocker is to configure your machine to hibernate, not sleep.
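An added example (not code from the original post) that audits a machine against this recommendation: the OS volume must be protected, a TPM+PIN or TPM+startup key protector must be present, and standby (S1-S3) must not be an available sleep state. It assumes Windows 8 / Server 2012 or later for the Get-BitLockerVolume cmdlet (on Vista you would read the same information from manage-bde), an elevated session, and the English text layout of `powercfg /a` output.

```powershell
# Audit whether the host follows the post's advice: BitLocker on the OS
# volume with a second-factor protector, and standby disabled so the machine
# hibernates instead of sleeping. Assumes Windows 8+ and an elevated session.
function Test-BitLockerSleepPosture {
    [CmdletBinding()]
    param([string]$OsDrive = $env:SystemDrive)

    $vol   = Get-BitLockerVolume -MountPoint $OsDrive
    $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

    # Protector types that require a PIN and/or a USB startup key at boot,
    # rather than unlocking on the TPM alone.
    $strong = @('TpmPin', 'TpmStartupKey', 'TpmPinStartupKey')
    $hasStrongProtector = [bool]($types | Where-Object { $strong -contains $_ })

    # 'powercfg /a' prints the available sleep states first, then the ones
    # that are not available. Standby (S1-S3) must not be in the first part.
    # (Assumption: English output wording.)
    $text      = (powercfg /a) -join "`n"
    $available = ($text -split 'not available')[0]
    $standbyAllowed = [bool]($available -match 'Standby \(S[123]\)')

    [pscustomobject]@{
        Drive               = $OsDrive
        ProtectionStatus    = $vol.ProtectionStatus
        KeyProtectors       = ($types -join ', ')
        HasTpmPinOrKey      = $hasStrongProtector
        StandbyAllowed      = $standbyAllowed
        MeetsRecommendation = ($vol.ProtectionStatus -eq 'On') -and
                              $hasStrongProtector -and -not $standbyAllowed
    }
}

Test-BitLockerSleepPosture | Format-List
```

If StandbyAllowed comes back True, the standby states are turned off through the Group Policy setting "Allow standby states (S1-S3) when sleeping" under System > Power Management > Sleep Settings, after which the machine hibernates instead.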


This posting is provided "AS IS" with no warranties, and confers no rights.


Gaurav Anand

Published Monday, October 01, 2007 9:56 AM by ganand
