@IntuneUser Thanks for posting in our Q&A.
For this issue, we appreciate your help to check if the "create","assign", "update" is set to "Yes" under Device configurations in Endpoint Security Manager role.
Based on my check, the default settings are set to "No". When these setting are set to "Yes", please check if you can see "add" option in Settings catalog page.
If there is anything update, feel free to let us know.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.