Compliance Specialist

Remote
Full Time
Experienced

Job Title: Compliance Specialist 

Job Type: Full-Time 

Location: Remote 

Return-to-Office Disclaimer: Work location arrangements (remote, hybrid, or onsite) are subject to change based on business needs and client or government requirements. There is no guarantee that a fully remote or hybrid schedule will remain in place indefinitely.    

Compensation/Salary: $75,000 - $85,000 

Authorization Status: Must be Authorized to Work in the U.S.   

Clearance Requirements: N/A-Internal Background Check Required 

About Aleto 

Aleto specializes in federal property management, space planning, and facility management. Aleto primarily supports federal government agencies to create realty solutions, provide facility and space planning support services, and enhance strategic communications.  

We are looking to hire motivated people who are excited to grow with us. You'll have the potential to help improve processes and help identify solutions for our government, supporting the organizations that serve American citizens across the country. We offer the opportunity to work directly with clients to have a real impact on the day-to-day operations of federal agencies. 

We are a growing company that stands firm on our core values: Accountability, Ingenuity, Reliability, Service, and Stewardship. This is what sets us apart from our competitors.  

Our Mission, Vision, and Purpose: 

  • Aleto aspires to be the trusted advisor to senior executives for federal leasing and facilities operations decision-making. 

  • Aleto is committed to helping federal agencies improve their workspace. 

  • Our purpose is to enhance workplaces with our innovations, while maintaining trust with dependable, responsible, and high-quality service.  

We work hand-in-hand with our partners, from start to finish, to ensure we're identifying and delivering the best solutions based on their business needs. 

We offer paid vacation, sick time, paid federal holidays, parental leave, full medical/dental/vision, and a 401(k).  

Aleto is an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, or any other characteristic protected by federal, state or local laws.  

What we are looking for  

Aleto Inc. is seeking to hire a Compliance Manager to provide governance, coordination, and assurance for the organization’s compliance obligations related to government contracting, information security, quality management, organizational governance, and applicable regulatory frameworks. The role oversees the maintenance and continual improvement of the organization’s Integrated Management System (IMS), within leadership-approved scope, and coordinates cross‑functional compliance activities, including those affecting human capital and employment-related regulatory obligations.

The Compliance Manager establishes and maintains required compliance documentation; monitors conformance through internal audits, assessments, and risk activities; and coordinates external audits and assessments. The role ensures objective evidence is available to support certification, contractual, and regulatory requirements. 

This position does not implement or operate technical, administrative, or physical controls. Responsibility for control implementation remains with designated system and process owners. The Compliance Manager verifies conformance, tracks corrective actions, and supports risk-based decision-making by leadership.

The Compliance Manager serves as a central point of coordination for compliance-related communication with auditors, assessors, customers, and government entities, and promotes organizational awareness of compliance responsibilities and accountability.

 Interview Process 

If you are selected for an interview, Aleto will contact you by email to arrange an interview via an online platform, such as MS Teams, Zoom, or by telephone. The entire interview process can average around 3 weeks from the time you are initially contacted to interview. After all candidates are interviewed, Aleto will notify you of your application status.  

If an offer is extended, the start date is determined based on factors such as availability and the amount of time it takes for the government's background clearance process (depending on the client).  

Visit our website at www.aletosolutions.com to learn more about Aleto, Inc.  
 

Compliance Manager - Essential Job Duties

Duties include the following. Other duties may be assigned.

Compliance Governance & Management Systems 

  • Provide governance and oversight of the organization’s Integrated Management System (IMS), including ISO/IEC 27001 (ISMS) and ISO 9001 (QMS), within leadership-approved scope.

  • Monitor conformance of information security and quality management processes to applicable ISO requirements supporting government contracting deliverables and audits. 

  • Maintain management system documentation, including policies, procedures, Statements of Applicability, risk registers, and governance records. 

Audits, Assessments, and Assurance 

  • Plan, coordinate, and conduct internal ISO and compliance audits, ensuring objectivity and appropriate segregation of duties. 

  • Maintain certification and assessment documentation and coordinate external audits, surveillance activities, and assessments. 

  • Monitor compliance performance through audits, assessments, and reviews, and report results to leadership. 

  • Track and verify completion of corrective actions arising from audits, assessments, incidents, or identified nonconformities. 

CMMC & Federal Cybersecurity Compliance 

  • Coordinate and maintain a CMMC 2.0 compliance program, aligned with organizational cybersecurity strategy and applicable NIST requirements. 

  • Prepare, maintain, and manage CMMC‑related documentation, including SSPs, POA&Ms, risk assessments, assessment artifacts, and SPRS score submissions. 

  • Serve as a primary liaison with C3PAOs, external assessors, and auditors to support readiness reviews and assessments. 

  • Monitor CMMC rule updates and advise leadership on emerging requirements, compliance risks, and improvement opportunities. 

Risk Management & Regulatory Alignment 

  • Coordinate recurring risk assessments related to information systems and business processes and support risk treatment and mitigation planning with system and process owners. 

  • Analyze organizational processes and systems to identify gaps relative to regulatory, contractual, and ethical requirements. 

  • Support compliance with applicable FAR, DFARS, ITAR, FCPA, and other federal contracting requirements by monitoring obligations and coordinating evidence. 

  • Support adherence to U.S. Government security frameworks, including NIST RMF and DCSA DAAPM, where contractually applicable. 

Training, Awareness, and Culture 

  • Develop and deliver compliance and security awareness training covering ISO processes, CMMC requirements, government contracting obligations, and cybersecurity best practices. 

  • Promote a culture of compliance accountability, ethical conduct, and risk-based decision‑making across the organization.

External Interface & Contractual Support 

  • Serve as a central point of coordination for compliance-related communications with government agencies, customers, auditors, and assessors.

  • Review contractual compliance requirements related to cybersecurity, data protection, and regulatory obligations, coordinating with legal and business stakeholders as appropriate.

  • Support administration of compliance-related contract activities, including NDAs, contract modifications, COIs, and GWAC‑specific obligations (e.g., GSA STARS III), in coordination with appropriate functional owners.

  • Support organizational governance and regulatory posting requirements influenced by federal, state, and industry obligations, in coordination with HR and leadership. 

Organizational Governance & Human Capital Compliance (Coordinated) 

  • Oversee and coordinate compliance activities influenced by organizational governance, industry standards, and employment-related regulatory obligations, in collaboration with Human Capital, Legal, and leadership.

  • Monitor and document requirements for federal- and state-mandated employment postings and notices, ensuring accurate identification and timely coordination with Human Capital for implementation.

  • Maintain evidence demonstrating awareness, tracking, and coordination of employment-related compliance obligations for audit, contractual, or regulatory review.

  • Support updates to governance and compliance documentation impacted by changes in employment laws or workforce-related regulatory requirements, as directed by leadership.

Finance and Administration  

  • Support the maintenance of compliance with federal registration and reporting requirements, including System for Award Management (SAM) and Commercial and Government Entity (CAGE)/CAF records, ensuring accuracy, timeliness, and proper renewal of all organizational registrations. 

  • Track Transactional Data Reporting (TDR) obligations, including data collection, validation, and submission in accordance with applicable regulatory requirements. 

  • Support organizational risk management initiatives, including the planning and execution of corporate insurance renewals, ensuring accurate disclosures and alignment with business operations. 

  • Coordinate cross-functional efforts to complete insurance and compliance attestations, including documentation that validates adherence to required internal controls. 

  • Partner with IT and Security teams to ensure that cybersecurity insurance requirements are in place, including verification of controls such as multi-factor authentication (MFA), employee security awareness training, automated escalation protocols, and other protective measures. 

  • Maintain documentation and audit-ready records supporting compliance with financial, administrative, and risk management obligations. 

Continuous Improvement 

  • Utilize established internal controls, audit mechanisms, and monitoring processes to identify, document, and address noncompliance. 

  • Support updates to compliance processes and documentation resulting from regulatory changes, audit results, or leadership direction. 

Aleto’s Employee Expectations/Responsibilities  

  • Compliance with all Aleto processes, standards, and guidelines including the utilization of the employee and intranet platforms to stay up to date on company news and events, submitting expense reports, providing monthly progress reports, etc. 

  • Participate in recurring 1:1 and performance development meetings with your Aleto team lead to discuss current job tasks, promote open dialog/feedback, recognize and celebrate wins, and review positive and purposeful approaches for meeting work-related and professional development goals. 

  • Attend team meetings, tri-annual company All-Hands Meetings, and other company-sponsored team-building events to foster and support Aleto's core values, vision, and culture. 

Qualifications/Capabilities/Software Knowledge 

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.  

Required Qualifications/Education/Experience: 

  • Bachelor’s degree in Cybersecurity, HR, Information Technology, Business, Law, or equivalent experience.  

  • 2–5+ years of experience in compliance, cybersecurity, and/or government contracting. 

  • Experience with CMMC, NIST SP 800‑171, and ISO 27001 compliance programs. 

  • Ability to interpret complex regulations and translate them into actionable internal processes. 

Desired Qualifications/Education/Experience: 

  • Professional certifications: CMMC Registered Practitioner/Assessor, CCEP, CISSP, CISA, ISO 27001 Lead Implementer/Auditor. 

  • Strong understanding of FAR/DFARS, ITAR, and government contracting requirements. 

  • Experience managing audits for CMMC, ISO, or NIST frameworks. 

  • Experience preparing government systems for RMF/DAAPM compliance. 

Technological Skills: 

  • Microsoft 365 (Word, Excel, SharePoint, OneDrive, Teams) 

  • Excel (advanced functions, pivot tables, VLOOKUP/XLOOKUP) 

  • Learning Management Systems  

  • Preferred systems experience:

    • Confluence / Jira (for documentation + project tracking)

    • Power BI or Tableau

    • SQL basics

Required Knowledge and Skills: 

  • Demonstrates a high degree of independence and sound judgment in daily responsibilities. 

  • Exhibits the ability to stay focused on objectives and make timely decisions. 

  • Able to independently research, analyze, and resolve complex issues with minimal supervision. 

  • Strong analytical and problem‑solving abilities 

  • Excellent written and verbal communication skills 

  • Ability to manage cross‑functional projects and multi‑framework compliance efforts 

  • Attention to detail and high ethical standards 

  • Familiarity with compliance management tools and documentation systems 

Other: 

  • Highest level of integrity managing confidential information 


What We Offer: Benefits and Perks 

At Aleto, we recognize that our employees are our most valuable assets. We are proud to offer the following employee programs and benefits to enhance our employees’ well-being and total rewards package while practicing our core value of Stewardship.

Pay Cycle  

Paydays are on the 10th and the 24th of each month.  
 

  • Medical Insurance 

Full-time employees are eligible to enroll in Aleto’s Aetna-sponsored health insurance plans. Aleto contributes $400 per month toward employee medical premiums, equal to 75% of the Employee Only premium for the HSA 3300 Base Plan. Employees may select from two HSA-eligible plans or a POS plan. 

  • Dental Insurance   

Aleto provides dental insurance coverage through the Aetna PPO 2000 plan. Aleto contributes 75% of the employee’s premium. 

  • Vision Insurance  

Aleto provides vision benefits coverage through the Aetna Preferred Vision.  Aleto contributes 75% of the employee’s premium.  

  • Pre-Tax Savings Accounts 

The option to enroll in an HSA or FSA depending on elected medical insurance coverage.  

  • Disability Insurance:  

Company-paid short-term and long-term disability insurance. 

  • Life Insurance: 

Company-paid life insurance coverage.  

  • Paid Time Off: 

Paid time off includes eleven federal holidays. Full-time employees accrue PTO at the rate of 5 hours per pay period for a total of three weeks per year. In addition, employees are provided with a separate bank of 40 hours of paid sick leave per year.  

  • Retirement Plan: 

Aleto offers full-time employees a 401(k) qualified retirement plan.  

  • Professional Development 

Professional Development is identified as job-related training which enables an employee to improve their performance, their development as a professional within the organization, and/or as a means of retaining and developing key skills and competencies related to the demands of the job.  

Environment and Physical Conditions  

While performing the duties of this job, the employee is required to have ambulatory skills sufficient to visit other locations; and the ability to remain in a stationary position at least 50% of the time, move inside and around an office, position themself to access items located in high or low areas, and transport items weighing up to 20 pounds across the office. Requires the constant operation of a computer and other office productivity machinery and the ability to observe details at a close range typically within a few feet of the observer.  The employee interacts frequently with other workers, vendors, and clients and will communicate information and ideas so others will understand and must be able to exchange accurate information in these situations. The position consistently requires work to be completed in an office environment with artificial light and air. 

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed above are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the position. 

If you have questions or need additional assistance, please contact us at [email protected] 
