What ITAR Taught Me About Recruiting in National Security

Cleared Recruiting job openings recruiting

Cleared recruiting is about more than finding people. It’s about understanding the environment—mission, compliance, risk, and how your actions intersect with national security. As talent professionals in the defense space, we operate in a system where regulations aren’t just suggestions. They’re guardrails.

And sometimes, those guardrails show up in unexpected ways.

A Gas Mask, a Package, and a Lesson in Compliance

Several years ago, I was leading talent acquisition for a large defense contractor. We did a lot of work OCONUS, and one day, a standard UPS package showed up at our stateside office. It was addressed to one of our program managers. No one on the team—logistics, security, or even the PM—knew it was coming.

He opened it. Inside was a gas mask.

The recruiting team hovered around with curiosity—“Cool,” someone said. But the PM looked puzzled. Then security got involved.

Our Facility Security Officer (FSO)—who, for the record, was absolutely by the book—took one look and said, “This is an ITAR violation.”

The package had no export documents, no end-user declaration, and no indication it was part of an authorized shipment. Just a gas mask in a brown box, sent through UPS.

That moment was a turning point. Most of the team, including myself, didn’t know much about the International Traffic in Arms Regulations. Our FSO explained: ITAR governs the export of defense articles and services. That includes hardware, technical data, and in some cases, even job functions.

It was a stark reminder that in this industry, compliance isn’t about what you meant to do. It’s about what the law says you did.

Scopes of Work Are Not Just Admin Documents

I didn’t think much more about ITAR until years later, when I came across an internal compliance briefing that stated: certain scopes of work and labor categories could be considered ITAR-controlled.

That brought everything full circle.

Here’s why that matters: most recruiting teams work from job descriptions, labor categories, and scopes of work pulled directly from contract documents. These documents often include detailed responsibilities and references to systems or platforms that may be ITAR-restricted, even if they don’t seem sensitive on the surface.

For example, a labor category supporting missile defense or satellite communications might include references to export-controlled functions or technologies. If that information is shared with someone overseas, even for sourcing or recruiting purposes, it could be considered an unauthorized export of technical data.

The challenge is that not every company has its security team reviewing job descriptions before they go external. And while many recruiters take great care with candidate data, the same level of scrutiny isn’t always applied to the intake documents themselves.

Enforcement Isn’t Always Binary

Our FSO in that original scenario was strict. And honestly, that’s what you want in an FSO. But let’s be real, there’s a pendulum when it comes to how companies interpret and enforce ITAR compliance.

Some lean hard on zero-tolerance. Others apply risk-based judgment. But whether you’re operating in a tight shop or a flexible one, one thing is clear: ITAR violations don’t require malicious intent. They can happen through routine, well-meaning work.

A More Nuanced View on Offshore Recruiting

There’s been growing interest in outsourcing portions of the talent acquisition process. And in many industries, that’s an understandable move. But in the cleared space, it comes with unique compliance risks.

This isn’t about bashing offshore recruiting. There are skilled professionals worldwide who can add value. But when you’re handling roles that may fall under export control, you need to ask: What are we sharing, and where is it going and most importantly… Is it worth the risk.

If job descriptions or scopes of work include references to ITAR-covered technologies or systems, sending those materials outside the U.S. could expose your organization to regulatory scrutiny.

The safer approach is to assume that any recruiting content derived from classified or defense work should be vetted before being sent externally…whether that’s to an agency, a sourcing partner, or an offshore team.

Final Takeaway: Recruiting Is Part of Security

In cleared recruiting, every step—every resume, every job description, every handoff—intersects with compliance. You’re not just building teams. You’re helping to protect the programs those teams support.

ITAR taught me that.

Key Questions to Ask in Your Process

  • Are your job descriptions ever pulled directly from performance work statements?
  • Who reviews your intake documents before they’re shared externally?
  • Does your team understand how ITAR could apply to recruiting?
  • Do you know what data your offshore partners are receiving?

Understanding these questions isn’t just a recruiting best practice. It’s a national security imperative.

Related News

Tom Weinert is a DOD/Intel Talent Acquisition advisor and Founder of Mount Indie, a firm based in San Diego focused on helping small to large DOD contractors reinvent their TA strategy to compete in today’s market. With over a decade of experience in DOD program management and recruiting, Tom brings fresh ideas to the space focusing on out of the box sourcing, process improvement and strategic guidance in the cleared market.