Apply suggestions from code review

saritai · lecoursen · web-flow · commit 347fda968d5f · 2021-10-12T14:14:56.000-04:00
Co-authored-by: Laura Coursen &lt;lecoursen@github.com&gt;
diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-the-security-manager-role-in-your-organization.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-the-security-manager-role-in-your-organization.md
@@ -1,6 +1,6 @@
 ---
 title: Managing the security manager role in your organization
-intro: 'Organization owners can assign the security manager role to the organization''s security teams to give them the level of access they need.'
+intro: 'You can give your security team the least access they need to your organization by assigning a team to the security manager role.'
 versions:
   fpt: '*'
   ghes: '>=3.3'
@@ -9,6 +9,7 @@ topics:
   - Organizations
   - Teams
 shortTitle: Security manager role
+permissions: Organization owners can assign the security manager role.
 ---
 
 {% note %}
@@ -17,17 +18,17 @@ shortTitle: Security manager role
 
 {% endnote %}
 
-Members of your organization's Owners team can grant a team the permissions to manage security alerts and settings across your organization, as well as read permissions on all organization repositories, by assigning the security manager role.
+Organization owners can grant a team the permissions they need to manage security alerts and settings across your organization, as well as read access on all organization repositories, by assigning the security manager role.
 
 ## Permissions for the security manager role
 
-Members of a team with the security manager role assigned have the following permissions:
+Members of a team with the security manager role have only the permissions required to effectively manage security for the organization.
 
-- Read permission on all repositories in the organization
-- Write permission on all security alerts in the organization
-- Access to **Security Overview** in the organization's **Security** tab
-- Write permission on security settings at the organization level, including the ability to enable or disable {% data variables.product.prodname_GH_advanced_security %}
-- Write permission on security settings at the repository level, including the ability to enable or disable {% data variables.product.prodname_GH_advanced_security %}
+- Read access on all repositories in the organization, in addition to any existing repository access 
+- Write access on all security alerts in the organization
+- Access to the organization's security overview
+- The ability to configure security settings at the organization level, including the ability to enable or disable {% data variables.product.prodname_GH_advanced_security %}
+- The ability to configure security settings at the repository level, including the ability to enable or disable {% data variables.product.prodname_GH_advanced_security %}
 
 While a team will be granted read permission on all organization repositories upon being added as security managers, any existing repository permissions that the team had will stay the same. If a team has the security manager role, only organization owners will be able to change team access to repositories in the **Repositories** tab. 
 
@@ -39,14 +40,19 @@ Repository owners will be able to see if a security manager team has access to t
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.security-and-analysis %}
-1. Under **Security managers**, search and select the team to which you want to assign the role. Once selected, the team will appear in a list below the search bar. 
+1. Under **Security managers**, search for and select the team to give the role. Each team you select will appear in a list below the search bar. 
   ![Add security manager](/assets/images/help/organizations/add-security-managers.png)
 ## Removing the security manager role from a team in your organization
 
-Note that while removing the security manager role will remove the ability to manage security alerts and settings across the organization, it will not remove the read permissions on repositories that were granted when the role was assigned. You will need to remove any unwanted read permissions manually in the team's **Repositories** tab. 
+
+{% warning %}
+
+**Warning:** Removing the security manager role from a team will remove the team's ability to manage security alerts and settings across the organization, but the team will retain read access to repositories that was granted when the role was assigned. You must remove any unwanted read access manually. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#removing-a-teams-access-to-a-repository)."
+
+{% end warning %}
 
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.security-and-analysis %}
-1. Under **Security managers**, click the **X** icon to the right of the team from which you want to remove the security manager role.
+1. Under **Security managers**, to the right of the team you want to remove as security managers, click {% octicon "x" aria-label="The X icon" %}.
   ![Remove security managers](/assets/images/help/organizations/remove-security-managers.png)
diff --git a/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md b/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md
@@ -20,7 +20,7 @@ shortTitle: Roles in an organization
 
 You can give organization members, outside collaborators and teams of people varying levels of access to repositories by assigning repository roles. For more information, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)."
 
-Team-level roles are roles that give permissions specific to a team. You can give any individual member of a team the *team maintainer* role, which gives them a number of administrative permissions over a team. For more information, see "[Giving "team maintainer" permissions to an organization member](/organizations/managing-peoples-access-to-your-organization-with-roles/giving-team-maintainer-permissions-to-an-organization-member)."
+Team-level roles are roles that give permissions to manage a team. You can give any individual member of a team the team maintainer role, which gives the member a number of administrative permissions over a team. For more information, see "[Giving "team maintainer" permissions to an organization member](/organizations/managing-peoples-access-to-your-organization-with-roles/giving-team-maintainer-permissions-to-an-organization-member)."
 
 Organization-level roles are different sets of permissions that can be assigned to individuals or teams to manage an organization and the repositories, teams and settings within it. For more information on each organization-level role, see [Roles for an organization](#roles-for-an-organization).
 
@@ -47,7 +47,7 @@ Billing managers are users who can manage the billing settings for your organiza
 
 Security manager is an organization-level role that can be assigned to any team in an organization. When applied, it gives every member of the team permissions to manage security alerts and settings across your organization, as well as read permissions for all repositories in the organization.
 
-This role is useful for organizations with security teams, as it gives members of the team the permissions they need to do their job without any extra permissions they do not require. For more information, see "[Managing the security manager role in your organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-the-security-manager-role-in-your-organization)."
+If your organization has a security team, you can use the security manager role to give members of that team the permissions they need to do their job without any extra permissions they do not require. For more information, see "[Managing the security manager role in your organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-the-security-manager-role-in-your-organization)."
 {% endif %}
 ### {% data variables.product.prodname_github_app %} managers
 By default, only organization owners can manage the settings of {% data variables.product.prodname_github_apps %} owned by an organization. To allow additional users to manage {% data variables.product.prodname_github_apps %} owned by an organization, an owner can grant them {% data variables.product.prodname_github_app %} manager permissions.
@@ -217,5 +217,4 @@ Some of the features listed below are limited to organizations using {% data var
 ## Further reading
 
 - "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)"
-- "[About teams](/organizations/organizing-members-into-teams/about-teams)"
 - "[Project board permissions for an organization](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)"
