The role focuses on designing and building automated evidence collection and continuous control monitoring pipelines to ensure audit readiness. It also involves managing security risk assessments for the organization and third-party vendors while maintaining compliance with ISO 27001 and SOC 2 standards.