Back to jobs
New

Director of Compliance

Sterling, Virginia

Title: Director of Compliance
Company: Heven AeroTech
Location:
FLSA: Exempt
Reports To: Chief of Staff

About Our Company:

At Heven AeroTech (Heven), we don’t just believe in the power of people—we build our success on it. As a recognized leader in hydrogen-powered drones, we’ve earned recognition for creating a workplace where innovation thrives, collaboration is second nature, and every employee feels valued. Our culture is anchored in trust and a shared commitment to excellence.

We believe great teams are built on individuals who are humble, hungry, and smart—those who put team success first, take initiative to continuously improve, and demonstrate strong interpersonal awareness. At Heven, your voice matters, your ideas are heard, and your contributions make a tangible impact as you grow through hands-on experience and collaboration across the team.

Role Summary:
The Director of Compliance leads Heven AeroTech’s enterprise-wide compliance program, ensuring adherence to federal export control laws (ITAR/EAR), industrial security requirements (NISPOM), cybersecurity mandates (CMMC/NIST 800-171), ethics obligations, occupational safety regulations, and employee benefits laws. Operating at the intersection of legal obligation and operational execution, this role directly supervises the Safety Manager and IT Administrator, advises executive leadership on regulatory risk, and fosters a culture of compliance and ethical conduct throughout the defense industrial base.

Essential Responsibilities:

Export Controls — ITAR / EAR Compliance Oversight

  • Provide strategic oversight of Heven AeroTech’s export compliance obligations under the International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR), whether administered through a qualified internal Empowered Official (EO) or a contracted external compliance resource.
  • Ensure the designation, performance management, and accountability of the Empowered Official function; serve directly as EO or manage the engagement of an external ITAR/EAR compliance consultant or law firm as operationally appropriate.
  • Oversee the development, maintenance, and continuous improvement of the Technology Control Plan (TCP) and Export Management and Compliance Program (EMCP).
  • Provide executive-level review and approval authority over export license applications, Technical Assistance Agreements (TAAs), Manufacturing License Agreements (MLAs), and commodity classifications (USML/CCL).
  • Ensure execution of export control audits, restricted party screening, and voluntary disclosure management to DDTC and BIS; maintain accountability for timely and accurate reporting.
  • Ensure export control training programs meet regulatory requirements under 22 C.F.R. Part 122 and 15 C.F.R. Part 762, whether delivered internally or through an external provider.

Facility Security Officer (FSO) / Industrial Security

  • Serve as or directly supervise the Facility Security Officer (FSO), ensuring compliance with the National Industrial Security Program Operating Manual (NISPOM) / 32 C.F.R. Part 117.
  • Manage personnel security clearance processes including investigations, visit authorizations, and incident reporting through DISS and related government systems.
  • Maintain and administer the facility’s Standard Practice and Procedure (SPP) and ensure full Insider Threat Program compliance.
  • Interface with the Defense Counterintelligence and Security Agency (DCSA) for facility inspections, program reviews, and adverse information reporting.
  • Oversee classified storage, document control, secure communication requirements, and SCI/SAP access where applicable.

Information Security (InfoSec) / Cybersecurity Compliance

  • Lead compliance with Cybersecurity Maturity Model Certification (CMMC), NIST SP 800-171, and DFARS 252.204-7012 for the protection of Controlled Unclassified Information (CUI).
  • Oversee the development and maintenance of the System Security Plan (SSP), Plans of Action & Milestones (POA&Ms), and incident response procedures.
  • Directly supervise the IT Administrator; provide strategic direction and oversight of IT operations to ensure information systems, networks, and cloud environments meet CMMC, NIST SP 800-171, and applicable cybersecurity compliance requirements.
  • Manage cybersecurity incident reporting obligations to the DoD and relevant program offices within required timelines.
  • Support CMMC third-party assessment organization (C3PAO) assessments and maintain certification documentation.

Ethics & Business Conduct

  • Administer Heven AeroTech’s Code of Business Ethics and Conduct and ensure compliance with FAR 52.203-13 (Contractor Code of Business Ethics and Conduct).
  • Manage the ethics hotline and reporting system; investigate potential violations and coordinate with HR, Legal, and management on corrective actions and disciplinary outcomes.
  • Design and deliver ethics training programs and awareness campaigns across all employee levels.
  • Prepare and submit timely disclosures to the Government for violations of federal criminal law and the False Claims Act as required.
  • Chair or support the company’s Ethics & Compliance Committee; report to the Board Audit Committee or designated executive officer as required.

Environmental, Health & Safety (EHS) Compliance

  • Provide compliance oversight for occupational health and safety obligations under OSHA 29 C.F.R. Part 1910 and applicable state regulations within an aerospace manufacturing environment.
  • Ensure regulatory compliance related to hazardous materials handling, chemical hygiene plans, and process safety requirements where applicable.
  • Oversee OSHA recordkeeping and reporting (300/301 logs), incident investigation processes, and interface with OSHA inspectors and regulatory authorities.
  • Directly supervise the Safety Manager; provide leadership, performance oversight, and development guidance while ensuring EHS program activities align with company compliance objectives and regulatory requirements.
  • Monitor EPA and environmental compliance obligations related to manufacturing operations, including waste disposal, air emissions, and stormwater management.

HIPAA & Benefits Compliance

  • Ensure the company’s health plan and benefits administration practices comply with HIPAA Privacy and Security Rules, including Business Associate Agreement (BAA) oversight.
  • Oversee ERISA compliance for welfare benefit plans and coordinate with benefits counsel and third-party administrators on regulatory filings (Form 5500, SPDs, SARs).
  • Monitor ACA employer compliance obligations, including applicable large employer (ALE) reporting (Forms 1094-C/1095-C) and affordability determinations.
  • Manage HIPAA incident response and breach notification obligations; conduct workforce training on PHI handling and minimum necessary standards.
  • Collaborate with HR and Finance on benefits regulatory updates from DOL, IRS, and HHS that affect plan design and administration.

General Compliance Program Leadership

  • Develop, maintain, and continuously improve the enterprise compliance program, including risk assessments, policies, procedures, internal controls, and monitoring activities.
  • Report regularly to executive leadership and the Board on compliance risk, program effectiveness, and emerging regulatory developments.
  • Build and manage a high-performing compliance function; provide direct supervision of the Safety Manager and IT Administrator, and establish clear roles, responsibilities, and development plans for all direct reports and external compliance partners.
  • Manage external legal counsel, compliance consultants, and related vendors; oversee compliance program budgets and resource allocation.
  • Lead internal compliance investigations, root cause analyses, and corrective action plan implementation.
  • Maintain the compliance regulatory calendar and ensure timely submission of all mandatory filings and certifications.

Qualifications & Experience:

Required:

  • Bachelor’s degree in Law, Business Administration, Political Science, Engineering, or a related field; J.D. or advanced degree strongly preferred.
  • Minimum 10 years of progressive compliance or regulatory experience, with at least 5 years in a leadership role within a defense or aerospace environment.
  • Secret (TS/SCI Preferred)
  • Demonstrated expertise in ITAR/EAR export controls, NISPOM/industrial security, and CMMC/NIST 800-171 cybersecurity frameworks.
  • Active DoD security clearance (Secret minimum); TS/SCI eligibility preferred.
  • Proven experience managing ethics programs, hotline operations, and internal compliance investigations.
  • Working knowledge of HIPAA, ERISA, ACA, and employee benefits compliance requirements.
  • Strong understanding of FAR/DFARS, government contracting requirements, and False Claims Act exposure.
  • Exceptional written and oral communication skills with the ability to present complex regulatory topics to executive leadership and non-technical audiences.

Preferred:

  • Certified Compliance & Ethics Professional (CCEP) or Certified Export Compliance Officer (CECO) designation.
  • FSO certification through DCSA or equivalent industrial security training credential.
  • Experience registered as an Empowered Official with DDTC, or demonstrated ability to oversee and manage an EO function through an external resource.
  • CMMC Registered Practitioner (RP) or Certified Professional (CP) designation.
  • Experience operating within a DCAA-audited environment with familiarity with Cost Accounting Standards (CAS).
  • Prior experience with AS9100 quality management system compliance in an aerospace context.
  • MBA or advanced degree.

Physical Requirements:

  • Prolonged periods of sitting at a desk and working on a computer.
  • Frequent use of hands and fingers for typing, writing, and operating office equipment.
  • Ability to communicate verbally and in writing with internal and external stakeholders.
  • Regular standing and walking, including within manufacturing, warehouse, and production floor environments.
  • Ability to move throughout production facilities to observe operations, conduct compliance reviews, and engage with cross-functional teams.
  • Occasional bending, reaching, and stooping.
  • Ability to lift and carry up to 20 pounds occasionally (e.g., documents, binders, equipment).
  • Ability to wear required personal protective equipment (PPE) when entering manufacturing or regulated production areas.
  • Visual acuity sufficient to review detailed reports, regulatory documents, contracts, and operational metrics.
  • Ability to travel domestically (and internationally, if applicable) for government agency visits, audit support, site reviews, and industry conferences.

Benefits Overview: 
Heven AeroTech offers a competitive benefits package designed to support the health, financial security, and overall well-being of our employees and their families. Benefits include medical, dental, and vision coverage, retirement plans, paid time off/sick, and additional protections such as critical illness, hospital indemnity, accident coverage, and short- and long-term disability.

Equal Employment Opportunity Statement: 
Heven AeroTech is an Equal Opportunity Employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected characteristic under applicable law.

Salary Range:

$100,000 - $165,000 USD

Create a Job Alert

Interested in building your career at Heven AeroTech? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Phone
Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


Education

Select...
Select...
Select...
Select...
Select...

Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Heven AeroTech’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.