Jessica Hoffman

Managing Consultant

Relevant Experience:

Jessica Hoffman has over 15 years of information technology experience within the state and federal government sectors, as well as private industry. Eight of those years were served at the Department of Health and Human Services (DHHS), and the Centers for Medicare and Medicaid Services (CMS) in various Information Technology related roles.

While working at LBMC as a IT Audit Manager, Jessica became the Federal Contracts Security Controls Assessment (SCA) program owner. She continues to improve the SCA process through risk based and layered security specific recommendations, the test once, reuse many concept, and by implementing and understanding real world security and privacy concerns.

Over the years, Jessica has provided an array of IT audit and compliance services, to both public and private sectors with a focus on the safety and privacy of Personally Identifiable Information (PII), Protected Healthcare Information (PHI), and Federal Tax Information (FTI). Additionally, she continues to lead and support audit and consulting efforts including CMS ARS, Security Control Assessments, NIST 800-53 / 800-171 / CSF, SOC, and FedRAMP.

Professional Experience:

While at CMS, Jessica worked for the Office of the Chief Information Security Officer (OCISO) and was the program lead for the $200M Security Controls Assessment (SCA) contract. This contract examined information technology systems for vulnerabilities that could compromise the confidentiality, integrity, and availability of America’s healthcare and financial data.

Two of her many career accomplishments include leading the Federally Facilitated Marketplace (FFM) security efforts for the first three consecutive open enrollment periods, and also serving as the project manager at the inception of the Affordable Healthcare Act (ACA) . These high-profile roles demanded extensive reporting, oversight, and communications with CMS, DHHS, and White House officials. Earlier in her career, Jessica was a ASP.NET programmer for the Pennsylvania State Department of Health, Bureau of Information Technology.

Professional Involvement:

Jessica participates in various cybersecurity groups such as the Howard Tech Council (HTC), ISACA, and HIMSS. She presents regularly on topics related to secure cloud computing, risk management, OWASP Top 10 and industry standards, and various NIST topics and publications.


Jessica currently holds her CISSP certification.


Jessica received her Bachelor of Science degree in Computer Information Systems and Master of Sciene in Instructional Technology from Bloomsburg University, Bloomsburg, Pennsylvania. Her master’s thesis focused on Section 508, IT Accessibility from a Web Developers Perspective.

Contact Information


Provincia Government Solutions is a Nashville TN based Authorized CMMC Third-Party Assessor Organization (C3PAO) and SBA Certified small business specializing in Cybersecurity Assurance Services for government agencies, contractors, and commercial organizations affiliated with government entities.