The Right Role for User Management

Claro is growing its data operations team and wants to hire a dedicated identity administrator — someone responsible for creating and managing all Snowflake user accounts and role assignments across the organisation. The CTO's requirement is clear: this person should not have access to billing information, account parameters, or the ability to manage security objects like network policies and masking policies.

Which system-defined role should the identity administrator be assigned?