Alkami is the digital sales and service platform provider for financial institutions in the US.
Senior Security Engineer, Vulnerability Management
Location
United States
Posted
43 days ago
Salary
$112K - $140K / year
Seniority
Senior
Job Description
Senior Security Engineer, Vulnerability Management
Alkami Technology
• Own and advance the enterprise vulnerability management lifecycle with a focus on scanning, triage, risk scoring, remediation tracking, validation, and continuous improvement
• Leverage and modernize AI systems to automate patches and configuration changes
• Optimize the vulnerability management platform and related tools
• Develop and deliver meaningful metrics and executive reporting
• Communicate vulnerability status, remediation progress, and SLA performance
• Apply a risk-based prioritization model to determine remediation urgency
• Partner cross-functionally to identify, track, and mitigate risks
• Manage scanning exemptions and vulnerability exceptions
• Help improve asset ownership, routing, and reporting coverage
• Drive visibility and remediation of cloud misconfigurations and other cloud-native risks
• Act as a technical leader in vulnerability risk management
Job Requirements
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent practical experience)
- 8+ years of experience in cybersecurity with at least 3 years focused on vulnerability management
- SaaS environment experience is required
- Hands-on expertise with vulnerability management platforms (e.g., Wiz, Tenable, Qualys, Rapid7, Vulcan, Kenna)
- Strong knowledge of vulnerability scoring frameworks (CVSS)
- Strong understanding of operating systems (Windows, Linux, macOS), networking, and cloud platforms (AWS, Azure, GCP)
- Experience with cloud security tools and CSPM/CNAPP platforms such as Wiz, Prisma Cloud, or Orca
- Demonstrated ability to track, prioritize, and mitigate risks in partnership with IT, Engineering, SRE, and Compliance teams
- Excellent problem-solving, analytical, and communication skills with the ability to influence stakeholders at all levels.
Benefits
- unlimited paid time off
- 401(k) with employer match
- remote-first environment
More Security Engineer Jobs
Senior Product Marketing – GTM Manager, Edge Platform, Security, Delivery
Gcore
Powerful edge and cloud solutions for media business and the entertainment industry
• You will own the category narrative, market credibility, and go-to-market execution for the Edge Platform.
• Define and evolve the positioning and messaging for Gcore’s Edge Platform (Security & Delivery), including CDN, DDoS protection (L3/L4), application-layer security (WAF/WAAP), and edge compute (FastEdge)
• Develop a clear category narrative that unifies performance, protection, and compute at the edge
• Identify ICPs, personas, and key use cases across security, platform, and infrastructure buyers
• Articulate competitive differentiation vs legacy vendors and hyperscalers
• Ensure consistency of messaging across all customer-facing materials
• Build and manage analyst relations (briefings, inquiries, preparation, ongoing engagement)
• Lead participation in key industry reports and evaluations
• Own the awards and recognition program (planning, submissions, amplification)
• Establish and scale a customer proof program (case studies, references, peer reviews)
• Build and maintain a structured evidence base (metrics, use cases, customer outcomes)
• Lead end-to-end GTM for product launches in collaboration with Product, Sales, SE, and Marketing teams
• Define launch strategy, packaging, and positioning inputs
• Drive field readiness: sales enablement materials (decks, one-pagers, battlecards) and training
• Support strategic deals with positioning, competitive insights, and tailored messaging
• Ensure consistent execution across all go-to-market channels
• Secure presence in industry media through articles, commentary, and contributed content
• Collaborate with internal SMEs (Product, Security, Engineering) to create high-quality technical and thought leadership content
• Build and manage an influencer/creator program (including technical reviewers and YouTube)
• Drive distribution and amplification of key narratives, launches, and proof points
• Success is defined by your ability to establish a credible market position, build scalable go-to-market execution, and contribute to measurable growth of the Edge Platform.
• Contribute to building a 7-figure € pipeline by 2027
• Demonstrate clear growth and market traction in 2026
• Establish a structured GTM plan for H2 2026
• Define and validate clear positioning and category narrative
• Build a scalable analyst relations, awards, and customer proof program for 2027
• Identify high-potential segments and repeatable use cases for scaling
• Establish a comprehensive mature security posture and hygiene strategy for AI and machine learning technologies
• Assemble and manage a team dedicated to implementing, assessing, and maturing the CIS Top 18 critical controls
• Develop and execute strategies for continuous monitoring and improvement of security controls and configurations
• Ensure hygiene of security configurations by establishing and enforcing policies, procedures, and standards
• Collaborate with IT, network, and other relevant departments to align security measures with organizational goals and compliance requirements
• Develop and maintain comprehensive documentation on security controls, assessments, incidents, and improvements
• Conduct regular assessments to determine the maturity of each security control
• Foster strong partnerships with technology and domain stakeholders
• Stay abreast of the latest cybersecurity trends, threats, and technologies
• Lead initiatives to educate and train team members and the wider organization on cybersecurity good practices
• Oversee daily operations, including targeted assessments, risk management, and response strategies
Manager Security Compliance
CardWorks
CardWorks is a leading credit and payments company, and a people-centric, compliance-focused organization.
Title: Manager Security Compliance
Locations: Woodbury, NY; South Jordan, UT; Horsham, PA; Pittsburgh, PA; Orlando, FL.
Work Type: Hybrid, Full Time
Job ID: JR100965
Job Description:
What We Do
At CardWorks, we aim to help people connect with possibility and opportunity using our financial servicing expertise. Building meaningful, long-term relationships with consumers, our employees, and our clients is what matters most.
Who We Are
CardWorks, Inc. is a diversified consumer finance service provider and parent company of CardWorks Servicing, LLC, Merrick Bank and Carson Smithfield, LLC. CardWorks Servicing, LLC provides end-to-end operational servicing functions for credit cards, secured cards, and installment loans. We service consumer and small business loans across the credit spectrum and offer backup servicing and due diligence services to capital providers and trustees. Merrick Bank is an FDIC-insured Utah Industrial Loan Bank. Merrick operates three main business lines: credit cards, recreational lending, and merchant services. Carson Smithfield, LLC provides a variety of post-charge-off debt recovery services, including digital self-service, IVR, live agent, and external agency management.
Position Summary:
The Security Compliance Manager is an individual contributor responsible for operationalizing, executing, and maturing the enterprise security compliance program. This role reports to the Director of Security Risk & Compliance and ensures that the organization’s security compliance strategy is translated into effective operational processes, assessments, and workflows. Core responsibilities include managing compliance operations, executing assessments, reviewing controls, supporting audit readiness, coordinating documentation and evidence, and ensuring accuracy and consistency across compliance systems and reporting.
Essential Functions:
Compliance Program Execution
- Execute and continuously improve enterprise security compliance processes and assessments, supporting the strategic direction established by the Manager.
- Operate and maintain the security compliance technology platform, ensuring assessments, evidence collection, and issue tracking are completed accurately and on schedule.
- Coordinate compliance assessment activities and ensure required documentation is complete and aligned with standards.
- Create, manage, and maintain standardized templates, procedures, workflows, and reporting to support consistent compliance operations.
Security Exception Management
- Execute detailed assessments of security exception requests, documenting risks, mitigating controls, approvals, and expiration tracking, in accordance with governance defined by the Director.
- Track exception approvals, expirations, and remediation requirements, ensuring timely reminders, escalations, and accuracy of exception data.
Security Issue Escalation & Tracking
- Manage execution of the Security Compliance Finding and Issue Escalation process, ensuring control gaps and audit findings are documented, monitored, and remediated on schedule.
- Maintain and operationalize workflow steps aligned to governance requirements defined by the Director, ensuring appropriate escalation of overdue or high‑risk issues.
- Align information security issue tracking with Enterprise Risk Management processes and escalate high‑risk issues through established governance forums.
Documentation Governance
- Oversee the Information Security documentation governance program, ensuring policies, standards, procedures, and guidelines are accurate, current, and aligned with regulatory, customer, and internal control requirements.
- Implement and maintain the documentation lifecycle processes, including drafting, review, approval, publication, version control, retention, and retirement.
- Coordinate updates to documentation to ensure alignment with applicable frameworks such as CRI, NIST CSF, PCI DSS, and CIS 18, reflecting changes in technology, controls, and risk posture.
- Track documentation quality, exceptions, gaps, and remediation activities; prepare reports and metrics to support leadership visibility and compliance oversight.
- Partner with security, risk, IT, and compliance stakeholders to ensure documentation supports audits, assessments, and ongoing control operation.
Education and Experience
- 8+ years of experience in information security, risk management, compliance, or related disciplines.
- Bachelor’s degree in IT or related field preferred or equivalent work experience in lieu of degree.
- Working knowledge of security frameworks such as Cyber Risk Institute, NIST CSF, CIS Controls, and PCI DSS along with experience applying these and other industry-specific regulations to projects and infrastructure.
- Experience in collaborating across diverse teams, including IT, business units, and external stakeholders, to address security requirements and align with project objectives.
- Strong understanding of security risk assessment methodologies, controls implementation, and process optimization, with a track record of successfully mitigating risks and enhancing security practices.
Summary of Qualifications:
- Strong working knowledge of major security frameworks and regulatory requirements, including CRI, NIST CSF, PCI DSS, and CIS Controls, with experience aligning compliance platforms to support assessments and evidence management.
- Skilled in optimizing compliance workflows, dashboards, templates, and reporting to enhance operational efficiency and audit readiness.
- Proficient with core security technologies such as vulnerability management, encryption, and identity and access management.
- Strong analytical and communication skills, able to identify trends, explain complex technical and regulatory concepts, and support cross‑functional collaboration.
- Highly organized, detail‑oriented, and capable of managing multiple priorities while improving processes, automation, and program scalability.
Ideally, the qualified candidate will work at the following location(s): South Jordan, UT; Woodbury, NY; Horsham, PA; Pittsburgh, PA; Orlando, FL. A hybrid work model or fully remote model can be considered based on hiring manager decision and priorities of the role.
The salary range for this position, if located in NY Metro/NY State is $128,490 to $142,767. However, please note that the salary range will vary for other geographic areas.
Our Employee Value Proposition
- Competitive Pay, including a Bonus Target or Variable Pay Incentive Program
- Benefits Package: Medical, Dental, and Vision (plus much more)
- 401(k) Plan with Company Match
- Short- & Long-Term Disability
- Wellness Programs
- Group Life and AD&D Insurance
- Paid Vacation, Sick Days and bank Holidays
- Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition
We offer a total rewards package comprised of a competitive base rate of pay, variable pay incentive programs based on the role, and a comprehensive benefit suite. Offered rates of pay are determined based on job-related knowledge, relevant experience, skills, certifications, and geographic location.
• Define Product Strategy & Vision: Establish and communicate the vision, roadmap, and success metrics for security products aligned to enterprise risk posture and compliance requirements.
• Set Clear Outcomes: Define what success looks like for each product, including measurable KPIs.
• Plan for Scalability & Future Needs: Anticipate evolving security threats and compliance requirements. Design products that scale and adapt to future enterprise needs.
• Incorporate AI for Efficiency: Identify opportunities to integrate AI into daily workflows to automate repetitive tasks, improve decision-making, and maximize efficiency.
• Manage Product Development: Collaborate with engineering and security teams to design and deliver secure-by-default capabilities integrated into developer workflows (IDE, CI/CD pipelines). Maintain backlog, write and groom user stories, and drive iterative releases using Agile methodologies.
• Enable Data-Driven Decisions: Define and monitor KPIs for success. Use analytics and risk reporting to validate assumptions and optimize adoption.
• Stakeholder Communication: Lead product ceremonies and communicate progress, risks, and trade-offs to engineering leadership, security teams, and partners.




