EPIC SECURITY ANALYST II

Memorial Health•Springfield, IL

1d•$37 - $58•Hybrid

About The Position

The Epic Security Analyst II is responsible for managing user access, security policies, and role-based permissions within the Epic electronic health record (EHR) system. This role ensures compliance with HIPAA, organizational security policies, and Epic best practices while supporting security design, audits, and troubleshooting access-related issues. The analyst collaborates with IT teams, Compliance Officers, Privacy, Information Security and Epic application analysts to maintain secure, efficient, and compliant system access. Please note this is a hybrid position with a set scheduled 3 days (Tues - Thurs) per month onsite in Springfield, IL. Travel expenses are covered per our company guidelines for non-local employees. We are happy to offer the flexibility of a hybrid position with some remote/ at home flexibility. Please note you must reside on one of our approved states in order to be considered: Illinois, Indiana, Kansas, Kentucky, Michigan, Missouri, Ohio, and Wisconsin are the approved states.

Requirements

Educational Background: Bachelor’s degree in computer science, Information Systems, Healthcare Informatics, or a related field is preferred.
Epic Certification: Certification in Epic Security is required within 1 year of hire date.
Three plus years of IT experience desired.
Understanding of HIPAA, HITECH, and other healthcare security regulations.
Experience with Active Directory (AD), single sign-on (SSO), multi-factor authentication (MFA), and identity management solutions.
Strong analytical, problem-solving, and troubleshooting skills related to Epic security and access issues.
Excellent communication and collaboration skills to work with IT teams, compliance officers, and end users.

Nice To Haves

Experience with EMP, SER, and identity management is preferred.
Experience with user provisioning, role-based access control (RBAC), and security model design is preferred.

Responsibilities

Manage user access, templates, and security roles within Epic.
Maintain and configure EMP records, SER security, and role-based access to align with job functions.
Implement security best practices to protect patient data and comply with regulatory requirements.
Conduct regular security audits and access reviews to ensure compliance with HIPAA and organizational policies.
Work with compliance teams and auditors to address security risks and findings.
Monitor system logs and security reports to detect and respond to unauthorized access or security breaches.
Troubleshoot access issues, security permissions, and authentication problems within Epic.
Provide user support, training, and documentation on security policies and access management.
Assist in resolving user provisioning errors, break the glass access events, and role conflicts.
Work with IT teams to integrate Active Directory, single sign-on (SSO), and identity management systems with Epic security.
Coordinate with Epic application analysts and clinical departments to define appropriate security roles.
Participate in Epic upgrades, security patches, and system maintenance to ensure ongoing security.
Develop and maintain Epic security policies, procedures, and documentation.
Identify opportunities for automation, process improvement, and enhanced security measures.
Stay up to date with Epic security updates, best practices, and regulatory changes.