The security_admin role is an elevated privilege role provided with High Security Settings that lets users create and change access controls and change High Security Settings.

In the base system, only the default System Administrator (admin) user has the security_admin role. Since it requires elevating privileges, the admin user does not have this role at login. After elevating privileges, the admin user has the security_admin role for the duration of the user session. See Elevate to a privileged role for more information.

To maintain high security, the security_admin role requires elevating privileges. Limit the users and groups to which you assign this role.