After activating a plugin which adds new roles to the system, such as the Security Incident Response plugin, the new role does not take effect, or cannot be added to other users. In the case of Security Incident Response, a new role called sn_si.admin is added as a contained role under the regular admin role. You may notice that, after activating the plugin, you are unable to use this new role (even as an admin user) and are unable to assign it to another user.
All Supported Releases
New roles and role changes do not take effect for a user until that user has logged out and logged back in again, as stated in this documentation. In the context of Security Incident Response, if you are an admin user and have activated this plugin, you will receive the new sn_si.admin role automatically, since it is contained by the regular admin role. You also must have the sn_si.admin role in order to assign it to other users. However, until you log out and log back in, this new role will not take effect, and you will not be able to use it or assign it to other users.
Log out of the instance and log back in. After performing this step, the new role will take effect and you will be able to use and assign it.