Who has the authority to assign custom roles in the security center?

The authority to assign custom roles in the security center typically rests with those in positions of greater responsibility and access, such as admins and security managers. This reflects the need for careful control over role assignments to maintain security and operational integrity. Admins possess the technical capabilities to manage user permissions and configurations, while security managers focus on the strategic aspects of security posture and role delegation. Allowing only these two roles to assign custom roles ensures that authorized individuals can define roles that align with both security policies and organizational responsibilities.

Other roles, like general users or individuals without administrative capacities, would not have the necessary authority as unmanaged role assignments could lead to security vulnerabilities. Such a measure helps to mitigate risks associated with unauthorized access and ensures that the roles created serve the security objectives effectively.