Job Description: Project Manager III / Program Manager
Responsibilities
Lead enterprise application teams using SCRUM and Kanban development methodologies, including oversight of the Enterprise GRC platform and application development, testing, documentation, and stakeholder engagement.
Manage enterprise GRC platform support across multiple HHS Operating Divisions (OpDivs), ensuring timely delivery of updates, enhancements, and fixes aligned with the System Development Life Cycle (SDLC).
Oversee scheduling, prioritization, and resource alignment across developers, QA, lab administrators, and business analysts.
Facilitate planning meetings, Agile sprint reviews, retrospectives, and executive briefings to track progress, identify risks, and support continuous improvement.
Maintain and manage project plans aligning milestones with Information System Security Manager (ISSM) activities, including Authority to Operate (ATO) deliverables, system enhancements, and compliance-driven requirements.
Coordinate Change Control Board (CCB) reviews for new functionality and updates, ensuring security and privacy controls are addressed.
Track and report risk status, Plan of Action and Milestones (POA&M) progress, and compliance activities using dashboards and briefing materials aligned with FISMA and Zero Trust strategy.
Produce and deliver weekly status reports, metrics, and change request adjudication updates.
Utilize ServiceNow, Remedy, and Microsoft Project (MS Project) to manage tasks, incidents, and delivery timelines.
Serve as the primary point of contact with stakeholders, collaborating with security, policy, privacy, system owners, and infrastructure support teams to ensure operational readiness.
Support program-wide performance measurement and contractor performance assessments.
Ensure all documentation for project decisions, scope changes, milestones, and onboarding efforts is properly maintained.
Integrate Open Security Controls Assessment Language (OSCAL)-based documentation for ATO planning, risk tracking, and FISMA audits.
Ensure adherence to the HHS Enterprise Performance Lifecycle (EPLC) and defined SDLC policies.
Qualifications
At least 10 years of project and program management experience leading enterprise application teams, including direct oversight of GRC platforms.
Bachelor’s degree (or higher) in Information Technology, Business, or a related field.