SGB only has a single spam quarantine, so I don't think you can do this. I've posted an Idea to symantec that they use quarantine incident folder for spam quarantine That way you could do something like this. But that wouldn't allow user access to quarantines.
How about this. In your spam rule, add a header X-suspectspam=yes. Then write a compliance policy that checks for the headed, and puts the e-mail into a quarantine incident folder. Give your domain user access to the quarantine via Admin/administartors, uncheck most everything but the incident folder.
With the compliance policy you will be required to define "Accept" and "reject" actions. This is could as it will limit what the domain admin can do to the message.