Roles in Google Security Operations let administrators streamline workflows by creating custom access levels and automating task assignments. This document explains how to create roles to control permissions and manage SOC team workloads effectively.
Role permissions and customization
You can customize roles to fit the needs of your SOC. This lets you control permissions, manage team workloads, and route tasks more effectively, with these details in mind:
An administrator can add up to 20 customized roles.
Predefined SOC roles (such as Tier 1 or Collaborator) can also
be modified.
New roles can be created for various purposes, such as to:
Route tasks to specific SOC teams
Manage SOC teams' daily workloads
Control view permissions
Manage cases access permissions
Create a new role
To create a new role, follow these steps:
Go to Settings>Organization>Roles.
On the Roles page, click addAdd.
In the Add Role dialog, enter a name for the new role, and select
which additional roles it should have access to. Doing this affects which
cases users can see in the Google SecOps platform.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-07 UTC."],[[["\u003cp\u003eGoogle SecOps allows Security Analysts to create up to 20 custom roles, as well as modify predefined SOC roles.\u003c/p\u003e\n"],["\u003cp\u003eNew roles can be designed to route tasks, manage workload, control view permissions, and manage case access permissions within the platform.\u003c/p\u003e\n"],["\u003cp\u003eTo create a new role, navigate to Settings > Organizations > Roles and use the Add Role dialog to define the role's name and access.\u003c/p\u003e\n"],["\u003cp\u003eOne role can be designated as the default role, which will have all new cases automatically assigned to it, and cannot be deleted while set as the default.\u003c/p\u003e\n"]]],[],null,["Manage roles and workloads \nSupported in: \nGoogle secops [SOAR](/chronicle/docs/secops/google-secops-soar-toc) \nRoles in Google Security Operations let administrators streamline workflows by creating custom access levels and automating task assignments. This document explains how to create roles to control permissions and manage SOC team workloads effectively.\n\nRole permissions and customization\n\nYou can customize roles to fit the needs of your SOC. This lets you control permissions, manage team workloads, and route tasks more effectively, with these details in mind:\n\n- An administrator can add up to 20 customized roles.\n- Predefined SOC roles (such as `Tier 1` or `Collaborator`) can also be modified.\n- New roles can be created for various purposes, such as to:\n - Route tasks to specific SOC teams\n - Manage SOC teams' daily workloads\n - Control view permissions\n - Manage cases access permissions\n\nCreate a new role\n\nTo create a new role, follow these steps:\n\n1. Go to **Settings** \\\u003e **Organization** \\\u003e **Roles**.\n2. On the **Roles** page, click add**Add**.\n3. In the **Add Role** dialog, enter a name for the new role, and select which additional roles it should have access to. Doing this affects which cases users can see in the Google SecOps platform. \n4. Click **Add**. The role is added to the table.\n\n| **Note:** Click **Edit** to set oa role as the default. All new cases are automatically assigned to the default role, and it can't be deleted while it's a default role.\n\nFor more information on roles, see [Learn how to control access to the platform](/chronicle/docs/soar/admin-tasks/\nadvanced/control-access-to-platform).\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]