Jobs › IT Cybersecurity Specialist (INFOSEC/Strategic Planning and Policy)
IT Cybersecurity Specialist (INFOSEC/Strategic Planning and Policy)
Role at a glance
- Category
- GRC
- Work arrangement
- On-site
- Location
- Washington, District of Columbia
- Salary range
- $143,913 to $187,093
- Posted
- Jul 14, 2026
Treasury, Departmental Offices is hiring a IT Cybersecurity Specialist (INFOSEC/Strategic Planning and Policy) in Washington, District of Columbia. This is a GRC role in the governance, risk, and compliance field, with a posted range of $143,913 to $187,093. Review the full details below and apply directly with Treasury, Departmental Offices.
This position is located at Departmental Offices, Domestic Finance - Financial Institutions. The purpose of this position is to support the Treasury Department's role as the Sector Risk Management Agency (SRMA) for Financial Services, under the FY 2021 National Defense Authorization Act, to strengthen the security and resilience of its critical infrastructure against both physical and cyber threats. Qualifications: You must meet the following requirements within 30 days of the closing date of this announcement. SPECIALIZED EXPERIENCE: For the GS-14, you must have one year of specialized experience at a level of difficulty and responsibility equivalent to the GS-13 grade level in the Federal service. Specialized Experience for this position includes: -Identifying cybersecurity threats and providing technical guidance on cybersecurity matters; as well as interpreting and making recommendations on cybersecurity policies and leading IT related projects. Examples of such experience could include: - Carrying out activities that support critical infrastructure security and resilience, promote public-private partnerships, and work to engage the independent regulatory community with executive branch agencies; OR - Working with financial sector IT, cybersecurity experts, technology developers and/or the Research & Development community to study, analyze, and describe risks for emerging technologies, recommend any appropriate mitigating security measures, or other measures to minimize risk; OR - With supervisors general direction, proposing and drafting cybersecurity policy, guidance, or regulation interpretation, with major scope and impact (e.g., federal, US national, or multinational) for the financial services sector. The experience may have been gained in either the public, private sector or volunteer service. One year of experience refers to full-time work; part-time work is considered on a prorated basis. To ensure full credit for your work experience, please indicate dates of employment by month/day/year, and indicate number of hours worked per week on your resumé. In addition to specialized experience, individuals must have IT-related experience demonstrating each of the nine competencies listed below. 1. Attention to Detail, 2. Customer Service, 3. Decision Making, 4. Information Management, 5. Interpersonal Skills, 6. Oral Communication, 7. Problem Solving, 8. Teamwork, 9. Technical Competence For the required proficiency levels and competency
Full responsibilities and requirements are on Treasury, Departmental Offices's application page.
Apply for this role →Location and market context
This role is based in Washington, District of Columbia on-site. Local candidates benefit from being close to Treasury, Departmental Offices's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.
About cybersecurity governance roles
Cybersecurity governance connects security control frameworks to business and regulatory risk, covering policy, risk assessment, and control assurance rather than hands-on operations. Roles like this one are typically evaluated against frameworks such as NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices.
How to position yourself for this cybersecurity governance role
Strong candidates emphasize security control frameworks, risk assessment, policy and standards, and translating technical security posture into governance and board-level reporting. In your resume and outreach, tie your experience to how Treasury, Departmental Offices would apply NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices, and lead with concrete outcomes rather than duties.
Similar GRC roles
More GRC jobs: All GRC roles · Browse by category & location