Precise Software Solutions, Inc. is a mission-focused technology services company delivering secure digital platforms, infrastructure, and operational IT services to government organizations. The Program Manager will lead Marketplace security and privacy support contract outcomes, ensuring delivery coordination and governance of scope, cost, and schedule across multiple teams.
Responsibilities:
- Leads and is accountable for Marketplace security and privacy support contract outcomes across the full task portfolio, serving as the primary interface to the CMS COR and ensuring delivery coordination, PI/OE integration, and executive reporting
- Provides overall accountability, governance of scope/cost/schedule, cross-team prioritization, executive reporting, and alignment of all workstreams to Marketplace and Open Enrollment milestones
- Maintains a governance and execution cadence that integrates security work into Marketplace planning cycles (PI planning / OE readiness), consistent with the staffing intent that leadership functions as a “release train” enabling cross-team flow
- Ensures operational rhythm for high meeting volume and action tracking (the operational model includes 10–15 internal CMS meetings per month with agendas/minutes/action tracking)
- Oversees on-time delivery of contract-wide reporting and metrics (monthly/quarterly as applicable), leveraging dashboards and standardized templates
- Owns scope, cost, and schedule governance, cross-team prioritization, risk/issue management, and stakeholder management across states, ADOs, and CMS program offices
- Establishes and maintains quality management practices, including a Quality Management Plan and surveillance methods/acceptable quality levels, and uses stakeholder reviews to drive continuous improvement
- Ensures delivery aligns with CMS security governance (IS2P2/ARS) and related CMS lifecycle expectations (TLC “Begin Security Authorization” early, maintain required documentation)
- Ensures that Marketplace security work remains within guardrails (does not duplicate enterprise SOC/monitoring; consumes enterprise services; coordinates ADO ISSOs instead of replacing them)
Requirements:
- Bachelor's degree (or higher) in IT, cybersecurity, engineering, public administration, or a related field, or equivalent experience (OPM standards generally allow qualification through education/experience combinations depending on series/grade)
- 10+ years leading complex IT/cyber programs; 5+ years in federal/public-sector IT governance environments with formal lifecycle controls (e.g., HHS EPLC / CMS TLC-style governance)
- Program management competency aligned to federal PD templates and guidance (OPM provides standardized project management PD templates and skills-based hiring guidance that can be adapted)
- Ability to run multi-team delivery governance in a regulated environment, including integrated master scheduling and KPI-based reporting
- Working knowledge of CMS security governance concepts: ARS control baseline as minimum required controls; IS2P2 applicability to contractors; coordination across Business Owners and security/privacy officer roles
- Ability to translate policy into executable backlog, ensure audit-ready documentation, and sustain readiness through OE cycles
- Recommended minimum: one recognized program/project/Agile credential (e.g., PMP, PMI-ACP, SAFe, Scrum) as evidence of structured delivery governance; OPM guidance supports skills-based evaluation and emphasizes structured PD content for project manager roles
- Suitability: Must be able to complete CMS fitness/suitability requirements, including background investigation prior to receiving access, consistent with CMS personnel security processes
- Public Trust: Must be able to obtain
- Demonstrated experience managing cross-organization security delivery in high-visibility operational windows (e.g., OE-like surge periods) and integrating risk work into Agile portfolios
- Experience with federal compliance and audit interfaces (e.g., supporting evidence production, audit readiness governance, oversight of POA&Ms at scale) consistent with RMF continuous monitoring practices
- Familiarity with Marketplace federated partners and multi-entity support models (tiered support, ticketing transparency)