Jobs › IT CYBERSECURITY SPECIALIST (INFOSEC)
IT CYBERSECURITY SPECIALIST (INFOSEC)
Role at a glance
- Category
- GRC
- Work arrangement
- On-site
- Location
- Fort Meade, Maryland
- Salary range
- $143,913 to $187,093
- Posted
- Jul 14, 2026
Defense Information Systems Agency is hiring a IT CYBERSECURITY SPECIALIST (INFOSEC) in Fort Meade, Maryland. This is a GRC role in the governance, risk, and compliance field, with a posted range of $143,913 to $187,093. Review the full details below and apply directly with Defense Information Systems Agency.
This position is being recruited under 10 USC 1599f into the Cyber Excepted Service and does NOT convey eligibility to be converted to the Competitive Service. It has been identified as a position necessary to carry out and support the mission of the US Cyber Command. It is in the Professional Work Category at the Senior Work Level within the CES Occupational Structure. It is located in the DISA EII/RISK MANAGEMENT DIRECTORATE. Qualifications: In order to qualify for this position, you must meet the requirements described below. Basic Requirements: Attention to Detail - experience reviewing my own information technology-related work or data and have been responsible for reviewing the work of others to ensure accuracy, completeness, and consistency with standards Customer Service - developing and maintaining relationships with customers, anticipating and assessing the current and future information technology needs of customers, and developing or identifying information technology products or services that are tailored to meet customer needs Oral Communication - briefing senior-level management and IT staff on the status of information technology systems, projects, or daily operations, including the communication of complex technical information to a non-technical audience Problem Solving - identifying alternatives to address unique, highly complex, or sensitive information technology-related issues. I have anticipated information technology-related problems and have identified and evaluated potential sources of information to generate alternative solutions Qualifying Experience: To qualify at the GG-14, your resume must describe at least one year of experience that demonstrates the competencies necessary for immediate success in the position. Experience refers to any paid or unpaid experience, including volunteer work and Military service, that would be considered equivalent to work normally performed at the next lower grade level in the federal service. For this position, qualifying experience is defined as: Experience in leading and conducting comprehensive IT cybersecurity assessments, validations, and risk analyses for cloud-based systems, to include developing and implementing security policies, standards, and authorization recommendations. **Combination of education and experience is not applicable for this position.** Candidates must describe how they meet the qualifying experience and/or selective placement factor(s) within the body of their
Full responsibilities and requirements are on Defense Information Systems Agency's application page.
Apply for this role →Location and market context
This role is based in Fort Meade, Maryland on-site. Local candidates benefit from being close to Defense Information Systems Agency's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.
About cybersecurity governance roles
Cybersecurity governance connects security control frameworks to business and regulatory risk, covering policy, risk assessment, and control assurance rather than hands-on operations. Roles like this one are typically evaluated against frameworks such as NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices.
How to position yourself for this cybersecurity governance role
Strong candidates emphasize security control frameworks, risk assessment, policy and standards, and translating technical security posture into governance and board-level reporting. In your resume and outreach, tie your experience to how Defense Information Systems Agency would apply NIST CSF, ISO/IEC 27001, SOC 2, and security risk and control-assurance practices, and lead with concrete outcomes rather than duties.
Similar GRC roles
More GRC jobs: All GRC roles · Browse by category & location