Senior ERM Lead

Job ID
# of Openings
Financial Management
Clearance Level

Company Description

Spry is a certified Small Disadvantaged Business (SDB) headquartered in McLean, VA. Spry provides Enterprise, C4IT, Management, and Cyber Solutions to the federal government and commercial entities. Founded in 2001, Spry Methods was built on the foundation of combining industry knowledge with unmatched responsiveness to produce results for our customers. Our goal is to build a business dedicated to the maximization of value for all stakeholders starting with our employees, our customers, and our community. We recognize that talented and dedicated employees are our most valued assets and the foundation of our success. Guided by these principles, we have established an impressive track record of proven past performance serving our customers within the Commercial, Federal Civilian, DoD, and Intelligence Communities. A CMMI Level 3 certified and ISO 9001:2008 registered company, Spry is committed to quality and continuous improvement.

Job Responsibilities and/or Success Factors

  • Understanding of cross-domain risk management frameworks (RMF)
  • Develop and implement risk management frameworks and procedures in the areas of enterprise, cyber and information risk management to facilitate compliance with OMB Circulars A-123 and A-130, FISMA and Privacy requirements.
  • Ensure that stakeholders understand the requirements to identify and manage risk in accordance with regulatory mandates, standards and guidelines
  • Assist clients by serving as the daily risk management point of contact
  • Significant and/or expert knowledge and hands-on experience in the areas of Enterprise Risk Management, cross-functional domain risk management, FISMA, NIST 800-series standards and guidelines, FIPS, risk mitigation [e.g., Plan of Action & Milestones (POA&M) policies, procedures and solutions].
  • Understand Federal Information Assurance policies and procedures to acquire and maintain an Information System's Authority to Operate (ATO) under the Federal Information Security Modernization Act (FISMA) of 2014 following NIST 800-53 guidelines and NIST 800-53A security controls assessment practices
  • Proficient in conducting risk assessments and well-versed in determining, interpreting, communicating and developing mitigating solutions to address critical risks
  • Experience in project management and tracking, and the Microsoft suite of office products - Word, Excel, PowerPoint
  • Maintain up-to-date documents such as procedures, work instructions, plans and manuals

Required skills and experience include

  • Must have an understanding of risk management practices across a range of functional areas (Enterprise, Cyber, Information, Third Party)
  • 10-15 years of experience delivering and managing the delivery of cross-functional risk management solutions
  • CISM or GSEC
  • Excellent written and verbal skills

EEO Statement

At Spry, we believe talented and dedicated employees are our most valued assets and the foundation of our success. We are committed to crafting a diverse and inclusive workplace that endorses engagement, creativity, quality and innovation.
We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status. 

