This position supports and extends the Director of Information Security by owning key security operations, governance, risk, and compliance activities while acting as a delegated decision-maker for day-to-day security program execution. This role balances hands-on operational responsibility with cross-functional leadership, ensuring security controls are effective, risks are managed, and compliance obligations—particularly PCI DSS—are met.