• FISMA Specialist

    Job Locations US-CO-Denver
    Job ID
    # of Openings
    Cyber Services
    Clearance Level
    DOI Background Clearance
  • Company Description

    Spry is a certified Small Business (SB) headquartered in McLean, VA. Spry provides Enterprise, C4IT, Management, and Cyber Solutions to the federal government and commercial entities. Founded in 2001, Spry Methods was built on the foundation of combining industry knowledge with unmatched responsiveness to produce results for our customers. Our goal is to build a business dedicated to the maximization of value for all stakeholders starting with our employees, our customers, and our community. We recognize that talented and dedicated employees are our most valued assets and the foundation of our success. Guided by these principles, we have established an impressive track record of proven past performance serving our customers within the Commercial, Federal Civilian, DoD, and Intelligence Communities. A CMMI Level 3 certified and ISO 9001:2008 registered company, Spry is committed to quality and continuous improvement.


    Spry Methods is seeking a FISMA Specialist to support a contract in Denver, CO. The United States Bureau of Reclamation (USBR) Risk Management Services Group (RMSG) is responsible for implementing and maintaining compliance with Federal cybersecurity and related privacy requirements. The RMSG leads the USBR FISMA Compliance Program which manages all activities associated with the National Institutes of Science and Technology (NIST) Risk Management Framework (RMF).

    Job Responsibilities and/or Success Factors

    • Work with part of team to implement and maintain compliance with Federal Information Security Management Act (FISMA) requirements.
    • FISMA-related activities to include system security plans, contingency plans, incident response plans, configuration management plans, security control requirements and assessments, Plan of Action and Milestones (POA&M), and training requirements.
    • Implementing requirements and guidance as indicated in the documents identified in Section 3.0 References.
    • Writing policies, procedures, guidance, standards and instructional materials
    • Working with inter-agency teams to design, develop and implement FISMA compliant solutions that meet current and future business requirements and enhance and optimize the existing security architecture.
    • Knowledge of and experience with Federal Privacy requirements to include Privacy Impact Assessments PIA and personally identifiable information (PII).

    Required skills and experience include

    • Bachelor’s degree or experience in lieu of degree
    • A minimum of five years’ experience in Applying NIST SP 800-37 Risk Management principles, interpreting requirements, and developing implementation guidance
    • Ability to travel either occasionally or continuously (the predominant service area includes the seventeen western United States, but may include other locations as required for client needs)
    • U.S. Citizenship

    Preferred skills

    • Working knowledge of ICS/SCADA

    EEO Statement

    At Spry, we believe talented and dedicated employees are our most valued assets and the foundation of our success. We are committed to crafting a diverse and inclusive workplace that endorses engagement, creativity, quality and innovation.


    We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed