Compliance & Regulatory Attorney

About The Position

Requirements

• Juris Doctor (J.D.) degree from an accredited law school.
• Must have an active membership and in good standing with a State Bar (e.g., licensed to practice law).
• Significant experience practicing law, focusing on regulatory compliance, specifically within the U.S. government contracting or defense sector.
• A working defense background or prior experience within the Defense Industrial Base (DIB).
• Specialized certification in compliance, information security, or export control (e.g., CCEP, CISSP, or equivalent).
• Deep understanding of the Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS).
• Expert knowledge of the International Traffic in Arms Regulations (ITAR) and, where applicable, the Export Administration Regulations (EAR).
• Experience with USML/CCL classification and managing a Technology Control Plan (TCP).
• Working knowledge and experience with the CMMC 2.0 framework (targeting Level 2 readiness) and NIST SP 800-171.
• Experience maintaining a System Security Plan (SSP) and associated POA&Ms.
• Familiarity with AS9100 quality standards and MIL-SPEC requirements.
• Proven ability to interpret, translate, and implement complex federal regulations into actionable internal policies and procedures.
• Exceptional analytical skills for detailed contract review (proposals, contracts, and subcontracts).
• Strong legal research, writing, and advisory skills to serve as the internal Subject Matter Expert (SME).
• Demonstrated ability to develop, implement, and maintain comprehensive compliance programs and strategies.
• Excellent communication and interpersonal skills for interacting with all levels of the organization and external government/contracting entities.
• Ability to manage complex projects (e.g., CMMC readiness) and maintain compliance documentation (SSP, POA&Ms).

Responsibilities

• Compliance Strategy & Oversight : Develop, implement, and maintain comprehensive compliance programs, policies, and practices related to government contracting, export controls, and information security.
• Regulatory Guidance : Serve as the central point of contact for interpreting and translating new regulatory requirements (e.g., FAR, DFARS, ITAR, CMMC) into actionable internal practices and provide legal support and advice to the organization regarding the laws, regulations, and industry standards that affect business operations, ensuring the organization operates ethically and legally.
• Government Contract Review (FAR/DFARS): Perform detailed review of proposals, contracts, and subcontracts to ensure flow-down compliance with all relevant FAR and DFARS clauses. Review terms related to data rights, government property, IP, and cybersecurity (e.g., DFARS 252.204-7012, 7019, 7020, 7021).
• Cybersecurity Compliance (CMMC 2.0): Manage efforts for continuous compliance with the CMMC 2.0 framework (targeting Level 2 readiness). Maintain the System Security Plan (SSP) and POA&Ms based on NIST SP 800-171.
• Export Control (ITAR): Manage the company's comprehensive compliance program with ITAR and, where applicable, EAR. Ensure proper classification of products (USML/CCL) and oversee the Technology Control Plan (TCP).
• Quality Assurance (AS9100): Conduct quality assurance activities in compliance with AS9100 standards and MIL-SPEC requirements.

Benefits

• Medical, dental, and vision insurance for you and your family
• Competitive salary
• Bonus programs
• 401K retirement plan
• Training opportunities
• Tuition reimbursement
• Paid vacation, PTO, and holidays
• Gym reimbursements, and more!