Epic Security Analyst Ii

Overview

The Epic Security Analyst II is responsible for managing user access, security policies, and role‑based permissions within the Epic electronic health record (EHR) system. This role ensures compliance with HIPAA, organizational security policies, and Epic best practices while supporting security design, audits, and troubleshooting access‑related issues. The analyst collaborates with IT teams, Compliance Officers, Privacy, Information Security and Epic application analysts to maintain secure, efficient, and compliant system access.

USD $37.43/Hr. – USD $58.02/Hr.

Hybrid position: scheduled 3 days on‑site (Tues – Thurs) per month in Springfield, IL. Travel expenses are covered per company guidelines for non‑local employees.

Remote/at‑home flexibility is also available. You must reside in an approved state:
Illinois, Indiana, Kansas, Kentucky, Michigan, Missouri, Ohio, and Wisconsin.

• Education:
  
  Bachelor’s degree in computer science, Information Systems, Healthcare Informatics, or a related field (preferred).
• Epic Security Certification required within 1 year of hire date.
• Three plus years of IT experience (desired).
• Experience with EMP, SER, and identity management (preferred).
• Experience with user provisioning, role‑based access control (RBAC), and security model design (preferred).
• Understanding of HIPAA, HITECH, and other healthcare security regulations.
• Experience with Active Directory (AD), single sign‑on (SSO), multi‑factor authentication (MFA), and identity management solutions.
• Strong analytical, problem‑solving, and troubleshooting skills related to Epic security and access issues.
• Excellent communication and collaboration skills to work with IT teams, compliance officers, and end users.

• Manage user access, templates, and security roles within Epic.
• Maintain and configure EMP records, SER security, and role‑based access to align with job functions.
• Implement security best practices to protect patient data and comply with regulatory requirements.
• Conduct regular security audits and access reviews to ensure compliance with HIPAA and organizational policies.
• Work with compliance teams and auditors to address security risks and findings.
• Monitor system logs and security reports to detect and respond to unauthorized access or security breaches.
• Troubleshoot access issues, security permissions, and authentication problems within Epic.
• Provide user support, training, and documentation on security policies and access management.
• Assist in resolving user provisioning errors, break‑the‑glass access events, and role conflicts.
• Work with IT teams to integrate Active Directory, SSO, and identity management systems with Epic security.
• Coordinate with Epic application analysts and clinical departments to define appropriate security roles.
• Participate in Epic upgrades, security patches, and system maintenance to ensure ongoing security.
• Develop and maintain Epic security policies, procedures, and documentation.
• Identify opportunities for automation, process improvement, and enhanced security measures.
• Stay up to date with Epic security updates, best practices, and regulatory changes.

The intent of this job description is to provide a representative summary of the major duties and responsibilities performed by incumbents of this job. Incumbents may be requested to perform tasks other than those specifically presented in this description.

Seniority level:
Mid‑Senior level

Employment type:

Full‑time

Job function:
Information Technology

Industry: Hospitals and Health Care