The person who makes decisions such as which vendor to choose, which product to use, which architecture should be employed, that person needs to have an in-depth technical understanding of those things.
If the CISO wants to appoint someone who has the knowledge to make those decisions, then that is fine. The problem I see every day, though, is that "suits" make buying decisions based on pretty graphs and then the technical people who implement and use the security controls are stuck with products and solutions that don't work.
What I see is that not even "junior" or operations managers have the security and technical knowledge necessary to make effective decisions. That might be OK if those managers are just making staffing, financing, administrative decisions. But if they are making security and operational decisions then it is a disaster.