The Security Analyst can add up to 20 customized roles in this screen. In addition, the predefined SOC roles (such as Tier 1, Collaborator, etc.)  can be modified here as well.
New roles can be created for various purposes including routing tasks to specific SOC teams, managing their daily workload, controlling view permissions and managing cases access permissions.

To create a new role:

  1. Navigate to Settings > Organizations > Roles.
  2. Click the plus icon on the top right of the screen.
  3. In the Add Role dialog box, enter a name for the new Role, and select which additional roles they should have access to. (This will affect which cases they can see in the Chronicle SOAR platform.)
  4. Click Add. The Role is added to the table in the screen.

One of the Roles can be set as Default using the Edit button. The default role will have all new cases automatically assigned to it. Note that this default role cannot be deleted.