Sr Specialty Analyst Epic Security

Overview

The Epic Senior Security Analyst is responsible for managing user access, security policies, and role-based permissions within the Epic electronic health record (EHR) system. This role ensures compliance with HIPAA, organizational security policies, and Epic best practices while supporting security design, audits, and troubleshooting access-related issues. The analyst collaborates with IT teams, Compliance Officers, Privacy, Information Security and Epic application analysts to maintain secure, efficient, and compliant system access.

• Manage user access, templates, and security roles within Epic.
• Maintain and configure EMP records, SER security, and role-based access to align with job functions.
• Implement security best practices to protect patient data and comply with regulatory requirements.
• Conduct regular security audits and access reviews to ensure compliance with HIPAA and organizational policies.
• Work with compliance teams and auditors to address security risks and findings.
• Monitor system logs and security reports to detect and respond to unauthorized access or security breaches.
• Troubleshoot access issues, security permissions, and authentication problems within Epic.
• Provide user support, training, and documentation on security policies and access management.
• Assist in resolving user provisioning errors, break the glass access events, and role conflicts.
• Work with IT teams to integrate Active Directory, single sign-on (SSO), and identity management systems with Epic security.
• Coordinate with Epic application analysts and clinical departments to define appropriate security roles.
• Participate in Epic upgrades, security patches, and system maintenance to ensure ongoing security.
• Develop and maintain Epic security policies, procedures, and documentation.
• Identify opportunities for automation, process improvement, and enhanced security measures.
• Stay up to date with Epic security updates, best practices, and regulatory changes.

• Bachelor’s degree in computer science, Information Systems, Healthcare Informatics, or a related field is preferred.

• Epic Certification:
  Certification in Epic Security is required

• 7-10 years of IT experience desired.
• Understanding of HIPAA, HITECH, and other healthcare security regulations.
• Experience with Active Directory (AD), single sign-on (SSO), multi-factor authentication (MFA), and identity management solutions.
• Strong analytical, problem-solving, and troubleshooting skills related to Epic security and access issues.
• Excellent communication and collaboration skills to work with IT teams, compliance officers, and end users.
• Nice To Haves
• Experience with EMP, SER, and identity management is preferred.
• Experience with user provisioning, role-based access control (RBAC), and security model design is preferred.