Overview
Job Summary
The Compliance Manager oversees United Rotorcraft’s (UR) defense and regulatory compliance initiatives, ensuring adherence to federal standards such as CMMC, DFARS, NIST 800-171, ITAR, and EAR. This role is responsible for safeguarding Controlled Unclassified Information (CUI), managing defense contract obligations, and maintaining export control compliance. The Compliance Manager will foster a culture of accountability and compliance throughout the organization and collaborate with Technology, Operations, Facilities, and Corporate teams to ensure UR remains audit-ready, continuously monitored, and aligned with Department of Defense and other regulatory requirements.
Essential Functions and Responsibilities include the following:
- Lead UR’s compliance strategy and program development (CMMC, DFARS, NIST 800-171, ITAR/EAR, CUI handling), including policies, procedures, and controls
- Manage audit readiness and external assessments, ensuring documentation, evidence, and control implementation meet regulatory requirements
- Ensure supplier and subcontractor compliance by supporting the flow down of contractual, cybersecurity, and export control requirements in coordination with the Contract Admin & CX Services Manager
- Partner with Technology, Operations, Facilities, and other functions to ensure security, access, and incident reporting controls are effectively implemented
- Monitor regulatory updates (DoD, NARA, BIS, DDTC) and adjust UR compliance programs accordingly
- Lead incident reporting and response coordination, ensuring DFARS 252.204-7012 and ITAR/EAR requirements are met
- Develop and deliver compliance training and awareness programs for employees and contractors handling CUI or export-controlled data
- Maintain compliance metrics and risk tracking, reporting status and findings to UR leadership
- Serve as primary liaison with regulatory agencies, including DCAA, DCMA, BIS, and DDTC, and coordinate responses to audits and inquiries
- Continuously evaluate and enhance compliance programs, incorporating industry best practices and benchmarking against peers
- Oversee third-party risk management, including compliance due diligence and monitoring of vendors and subcontractors
- Ensure data privacy and protection compliance, collaborating with IT and legal teams to safeguard sensitive information
- Promote ethics and integrity across the organization, investigating and resolving compliance-related concerns
- Lead policy governance, including development, review, and lifecycle management of compliance-related policies
- Advise senior leadership on strategic compliance risks, mitigation plans, and integration with business objectives
- Coordinate crisis and incident response efforts, including breach investigations and remediation planning
- Champion a proactive compliance culture, using communication, engagement, and feedback mechanisms
- Evaluate and implement compliance technologies, including automation tools for monitoring and reporting
- Other duties as assigned
Additional Job Requirements
- Regular scheduled attendance
- Indicate the percentage of time spent traveling: 10%
Subject to applicable laws and Air Methods’ policies, regular attendance is an essential function of the position. All employees must follow Air Methods’ employment practices and policies.
Supervisory Responsibilities
This position may supervise over teammates in the department. Carries out supervisory responsibilities in accordance with the organization’s policies and applicable laws. Responsibilities include interviewing, selecting, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; and addressing complaints and resolving problems. For exempt managers: managers that carry out these responsibilities for two or more employees will have significant input in hiring and termination decisions.
Qualifications
To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. In accordance with applicable laws, Air Methods will provide reasonable accommodations that do not create an undue burden so disabled employees may perform the essential functions of the position.
Education & Experience
- Bachelor’s degree (BS/BA) in Cybersecurity, Information Systems, Business, or a related field from a four-year college or university; and seven (7) or more years of related experience and/or training; or equivalent combination of education and experience
- Master’s degree preferred
- 7+ years of experience in compliance, information security, or defense contracting
- Experience with DFARS, CMMC, ITAR, EAR, and related frameworks
- Familiarity with NIST standards (SP 800-171, SP 800-53) and incident reporting under DFARS
- Background in aerospace/defense or regulated industries strongly preferred
Skills
- Defense & Export Compliance Expertise: Strong understanding of CMMC, DFARS, NIST 800-171, ITAR, and EAR requirements
- Supplier Compliance & Risk Management: Ability to ensure compliance flow downs to suppliers/subcontractors, monitor adherence, and manage supply chain risk in alignment with DoD regulations
- Audit & Assessment Readiness: Experience preparing organizations for DoD audits, CMMC assessments, and government security reviews
- Incident Management: Ability to coordinate DFARS-compliant incident reporting, including DoD/DC3 submissions
- Policy & Program Development: Skilled in creating compliance policies, security procedures, and evidence repositories
- Risk & Continuous Monitoring: Proficient in compliance risk management, monitoring controls, and implementing remediation plans
- Cross-Functional Collaboration: Ability to partner with Contract Administration and key business functions to align compliance programs with contractual, customer, and organizational requirements
- Training & Communication: Strong skills in educating non-technical staff and building compliance culture
- Strategic Leadership: Able to translate regulatory requirements into practical business processes and long-term compliance roadmaps
Computer Skills
- Proficient with Microsoft Office Suite, including PowerPoint, Visio, Word, Excel, Project, and SharePoint
Certificates, Licenses, Registrations
- Relevant certifications in compliance and security (e.g., CMMC Professional/Assessor, CISSP, CISM, CISA, CCSK, ITAR/EAR export control training) preferred
Note: This job description is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the position.
Air Methods is an EEO/AA employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Minimum pay
USD $102,742.00/Yr.
Maximum Pay
USD $125,000.00/Yr.