• Assist with providing compliance advisory support to Product, Marketing, Legal, Sales, and other departments throughout product and campaign lifecycles • Provide comprehensive understanding of relevant consumer finance regulations (including Reg Z, V, DD, CC, B, E, etc.), industry standards, and internal policies • Monitor and assess external industry trends and regulatory environment to help shape Marqeta's compliance strategy • Assist with regulatory responses and compliance advisory duties, as needed • Support change management reviews for new products, features, or program changes • Assist with formal review process for external customer marketing content and campaigns including advertisements, promotional content, digital media, social media and product information, to ensure compliance with legal and regulatory requirements, including UDAP/UDAAP, and FTC advertising rules • Coordinate with Legal, Marketing, and other departments to obtain necessary approvals and feedback • Assist in reviewing products and services for compliance with applicable federal and state consumer-finance laws and bank partner requirements • Maintain awareness of compliance risks associated with client-specific product constructs • Develop, maintain and update consumer compliance policies and procedures in response to changes in regulations and business needs, as needed. • Assist with other compliance advisory duties, as needed.

ClassWallet, a leading financial technology company in the United States, is seeking to hire a Director of Security and Compliance to join our team. ClassWallet is a financial technology company serving agencies delegated responsibility to manage public funds. Agencies use ClassWallet to get public funds to the right people, and ensure the funds are used for the right purpose. ClassWallet’s suite of products and services empowers agency administrators to dramatically increase efficiency of funds distribution and spend compliance, reduce programmatic costs, maximize the full potential impact of the program, and satisfy the needs and expectations of policymakers, constituents and public reporting. ClassWallet has processed over $3.5 Billion to date and serves public agencies across 33 states. The Company has developed an industry-defining digital wallet solution which has gained rapid traction among state and local agencies and school districts across America. ClassWallet ranks as the 61st fastest growing software company on the prestigious Inc. 5000 list of fastest-growing private companies and the 21st fastest growing financial technology company on the Deloitte Technology Fast 500 in 2023. While the Company delivers immense business value, the social impact of ClassWallet is a fabric that runs through its mission and corporate culture. As a result of ClassWallet’s innovation, public programs run with exponentially more efficiency and the impact and breadth of the programs for the individuals they serve is dramatically higher. This mission compliments the Company mission-based culture with focus on gratitude and work-life balance. About the Role The Director of Security and Compliance is a critical role reporting directly to the Chief Legal Counsel. This individual will be the organization's expert in government security frameworks, responsible for achieving and maintaining high-level government certifications. This role uniquely blends legal compliance, rigorous security operations, and direct partnership with the Product and Engineering teams to ensure our solutions meet the stringent FedRAMP/GovRamp requirements from inception through deployment. Responsibilities Government Compliance Leadership (FedRAMP/GovRamp Critical) - FedRAMP Ownership: Own the entire process for maintaining and managing FedRAMP/GovRamp authorizations, including control implementation, documentation (e.g., System Security Plan - SSP), continuous monitoring, and annual audits (A&A). - Audit Management: Serve as the primary point of contact for all external security and compliance audits (including SOC 2 Type II), coordinating efforts between auditors, legal counsel, and technical teams to ensure successful outcomes and high-quality evidence collection. - Compliance Program Management: Design, implement, and lead the corporate security compliance program, ensuring adherence to the specific controls required by all key frameworks. Product Security & Implementation Review - Security-by-Design Review: Collaborate closely with the Product Management and Engineering teams, reviewing product roadmaps, features, and architectures to ensure security and government compliance (especially FedRAMP/GovRamp controls) are integrated from the initial design phase (Security-by-Design). - Product Requirements Translation: Translate complex regulatory and certification controls into clear, actionable technical requirements and user stories for product development teams. - Risk Mitigation: Conduct risk assessments on product features, third-party integrations, and new technologies to proactively identify and mitigate compliance and security risks before product launch. Legal, Policy & Governance Support - Contractual Review: Support the Legal Team by critically reviewing and negotiating security and privacy clauses in customer contracts, RFPs, vendor agreements, and data processing addendums (DPAs), specifically pertaining to government and regulated clients. - Policy & Training: Develop, document, and enforce comprehensive security, privacy, and data governance policies. Conduct targeted training for teams involved in government-facing products. - Executive Reporting: Provide regular, executive-level reports to the Chief Legal Counsel on the status of compliance efforts, identified risks, and strategic security posture.

• Administer NNME agreements, subawards, and scopes of work throughout the contract lifecycle (intake through closeout) • Coordinate contract execution with NNME regional nodes and internal SEMI Foundation stakeholders • Maintain complete and accurate contract documentation and audit-ready files • Track deliverables, reporting deadlines, and contractual obligations • Conduct subrecipient monitoring activities consistent with federal requirements • Review invoices and supporting documentation for allowability and alignment with approved budgets • Track expenditures, budgets, and remaining balances • Identify compliance risks and escalate issues appropriately • Assist with contract amendments and close-out documentation • Support compliance with OT Agreement terms and federal grant requirements (including 2 CFR 200 or comparable state regulations) • Coordinate data collection from NNME regional nodes for federal reporting • Monitor reporting requirements and ensure timely submissions • Support internal and external audits • Assist in development of program compliance procedures and documentation standards • Serve as a primary administrative contact for NNME nodes regarding contracting and reporting requirements • Provide guidance to partners on documentation, invoicing, and reporting expectations • Develop templates, tracking systems, and administrative processes for NNME operations • Adapt and scale your expertise in contract drafting, subrecipient monitoring, and compliance reviews to support a variety of other Foundation grants and special projects as organizational needs evolve

• Request and monitor daily report for direct orders on hold 2 x’s per day and distribute to staff. • Request anniversary and expiration reports 120 in advance of anniversary or expiration date and distribute to staff for processing. • Monitor that the above contracts have action taken 45 days prior to anniversary or expiration date. • Monitor the SOX compliance report logs – Chargeback paid activity, Contract amending activity and Direct sales reports. • Monitor the Contract Admin mailbox consisting of rebills, price requests, customer deactivations, product adds and deletes and contract extensions. • Track and log all contracts, LOA’s and PO’s received from the sales reps and route to appropriate analyst. • Review and approve contracts entered by analyst to ensure accuracy and to comply with SOX audits. • Point person for request and retrieval of archived contracts. • Notify Compliance Analyst of device shipments. • Review Compliance statements prior to customer notification. • Respond to contract compliance inquiries from Commercial Contracting, Sales and/or other entities regarding customers. • Conduct 1:1’s with all direct reports monthly. • Conduct team meetings as needed due to staff in both LF and SC. • Manage and work with the Compliance Analyst with all failure to supply requests. • Work on special assignments as assigned