GRC CareersConnecting Talent and Trust. Post a Job Log in

JobsVirginiaQuanticoINFORMATION SECURITY SPECIALIST (INFO SEC/CMCC SPEC)

INFORMATION SECURITY SPECIALIST (INFO SEC/CMCC SPEC)

U.S. Marine Corps
CybersecurityOn-siteFull-timeQuantico, Virginia$46610 - $111087 Per Year

U.S. Marine Corps is hiring for the role of INFORMATION SECURITY SPECIALIST (INFO SEC/CMCC SPEC), Quantico, Virginia (On-site). This is a Cybersecurity role in the governance, risk, and compliance field, with a posted range of $46610 - $111087 Per Year. Review the full details below and apply directly with U.S. Marine Corps.

Organization: U.S. Marine CorpsLocation: Quantico, VirginiaWorkplace: On-siteFocus: CybersecuritySalary: $46610 - $111087 Per YearPosted: Jul 11, 2026
U.S. Marine Corps is hiring for this Cybersecurity role in Quantico, one of the metros GRC Careers tracks for governance, risk, and compliance hiring. See other GRC roles in Quantico →

You will serve as a INFORMATION SECURITY SPECIALIST (INFO SEC/CMCC SPEC) in the MARCORSYSCOM.

Qualifications: Your resume must demonstrate at least one year of specialized experience at or equivalent to the GS-09 grade level or NH-02 pay band in the Federal service or equivalent experience in the private or public sector. Specialized experience must demonstrate the following: - Strategic Recommendations: Proactively generates and weighs multiple alternative security solutions, making highly effective, risk-managed recommendations that successfully balance mission requirements with strict security compliance. - Stakeholder Collaboration: Proven ability to lead collaborative problem-solving efforts with cross-functional stakeholders, ensuring security decisions protect sensitive data without impeding operational workflows. - Root-Cause Analysis: Demonstrates strong capability in identifying and analyzing complex security vulnerabilities, pinpointing the root causes of policy non-compliance rather than just treating symptoms. - Regulatory Execution: Exhibits precise, hands-on expertise in applying classification, marking, and safeguarding rules to complex military, technical, or operational documents. - Lifecycle Oversight: Successfully manages the full lifecycle of classified material, including secure transportation, storage, and the execution of accurate redacting and declassification procedures. - Quality Assurance: Actively conducts quality assurance reviews of marked materials, identifying and correcting classification discrepancies to prevent accidental spills or unauthorized disclosures. - Policy Implementation: Applies thorough knowledge of national, DoD, and executive security policies to protect national security information from unauthorized disclosure. - Risk Management: Effectively conducts risk assessments and implements protective measures tailored to secure networks, physical spaces, and physical assets. - Incident Response: Demonstrates readiness or experience in detecting, reporting, and mitigating potential security infractions, compromises, or data spills swiftly. - Clear Communication: Communicates complex security data and updates clearly and securely using multiple approved methods to keep stakeholders informed of critical changes. - Data Acquisition: Efficiently gathers, evaluates, and verifies information from diverse sources, ensuring data accuracy and relevance before integrating it into security systems. - Information Security Liaison: Liaison with IT professionals in facilitating secure information sharing across multiple enclaves (e.g., NIPR, SIPR), ensuring data is safely disseminated only to authorized personnel with a need-to-know. - Technical Comprehension: Comprehends and interprets dense technical regulations, security classification guides (SCGs), and federal instructions. - Practical Application: Translates abstract, high-level policies into concrete, actionable steps for specific, everyday operational security scenarios. - Guidance & Compliance: Serves as a reliable interpreter of rules for the team, ensuring that unit-level procedures remain strictly aligned with overarching federal guidelines. Additional qualification information can be found from the following Office of Personnel Management web site: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/#url=List-by-Occupational-Series Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

Location and market context

This role is based in Quantico on-site. Local candidates benefit from being close to U.S. Marine Corps's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.

About cybersecurity governance roles

Cybersecurity governance connects security control frameworks to business and regulatory risk, covering policy, risk assessment, and control assurance rather than hands-on operations. Roles like this one are typically evaluated against frameworks such as NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices.

How to position yourself for this cybersecurity governance role

Strong candidates emphasize security control frameworks, risk assessment, policy and standards, and translating technical security posture into governance and board-level reporting. In your resume and outreach, tie your experience to how U.S. Marine Corps would apply NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices, and lead with concrete outcomes rather than duties.

Similar GRC roles

Employer, or see something wrong with this posting? Report this posting and we will review it promptly.