Epic Security Analyst II

The Epic Security Analyst II is responsible for managing user access security policies and role-based permissions within the Epic electronic health record (EHR) system. This role ensures compliance with HIPAA organizational security policies and Epic best practices while supporting security design audits and troubleshooting access-related issues. The analyst collaborates with IT teams Compliance Officers Privacy Information Security and Epic application analysts to maintain secure efficient and compliant system access.

Please note this is a hybrid position with a set scheduled 3 days (Tues - Thurs) per month onsite in Springfield IL. Travel expenses are covered per our company guidelines for non-local employees.

We are happy to offer the flexibility of a hybrid position with some remote/ at home flexibility.

Please note you must reside on one of our approved states in order to be considered: Illinois Indiana Kansas Kentucky Michigan Missouri Ohio and Wisconsin are the approved states.

Minimum Qualifications:
Educational Background: Bachelors degree in computer science Information Systems Healthcare Informatics or a related field is preferred.
Epic Certification: Certification in Epic Security is required within 1 year of hire date.

Three plus years of IT experience desired.
Experience with EMP SER and identity management is preferred.
Experience with user provisioning role-based access control (RBAC) and security model design is preferred.
Understanding of HIPAA HITECH and other healthcare security regulations.
Experience with Active Directory (AD) single sign-on (SSO) multi-factor authentication (MFA) and identity management solutions.
Strong analytical problem-solving and troubleshooting skills related to Epic security and access issues.
Excellent communication and collaboration skills to work with IT teams compliance officers and end users.

Principle Duties & Responsibilities:
1. Manage user access templates and security roles within Epic.
2. Maintain and configure EMP records SER security and role-based access to align with job functions.
3. Implement security best practices to protect patient data and comply with regulatory requirements.
4. Conduct regular security audits and access reviews to ensure compliance with HIPAA and organizational policies.
5. Work with compliance teams and auditors to address security risks and findings.
6. Monitor system logs and security reports to detect and respond to unauthorized access or security breaches.
7. Troubleshoot access issues security permissions and authentication problems within Epic.
8. Provide user support training and documentation on security policies and access management.
9. Assist in resolving user provisioning errors break the glass access events and role conflicts.
10. Work with IT teams to integrate Active Directory single sign-on (SSO) and identity management systems with Epic security.
11. Coordinate with Epic application analysts and clinical departments to define appropriate security roles.
12. Participate in Epic upgrades security patches and system maintenance to ensure ongoing security.
13. Develop and maintain Epic security policies procedures and documentation.
14. Identify opportunities for automation process improvement and enhanced security measures.
15. Stay up to date with Epic security updates best practices and regulatory changes.

The intent of this job description is to provide a representative summary of the major duties and responsibilities performed by incumbents of this job. Incumbents may be requested to perform tasks other than those specifically presented in this description.