"Alerted.org

Epic Security Analyst

Position: Epic Security Analyst

Department: Epic

Reports to: Department Supervisor

Created: May 1, 2025

Job Summary

The Security Epic Analyst is responsible for supporting the design, implementation, and ongoing maintenance of security controls within the Epic electronic health record (EHR) system. This role ensures that security policies and procedures are effectively integrated into Epic modules, workflows, and user provisioning, and that data confidentiality, integrity, and availability are upheld. The analyst also collaborates with organizational governance bodies to ensure alignment with security and compliance strategies across clinical and administrative areas.

Essential Duties and Responsibilities

+ Manage Epic user provisioning, role assignments, and template configurations.

+ Develop and maintain security classes, roles, and subtemplates based on operational and departmental needs.

+ Review and process access requests while ensuring adherence to HIPAA and organizational policies.

+ Coordinate with application teams to implement access for new modules and upgrades.

+ Conduct regular security audits and support internal and external compliance reviews.

+ Participate in role-based access review cycles and security design workgroups.

+ Troubleshoot access issues and assist in root cause analysis of security incidents.

+ Collaborate with compliance, audit, and legal departments during investigations or audits.

+ Provide training and support to users and analysts regarding security best practices.

Qualifications

Required Qualifications:

+ Epic Security certification or equivalent Epic security experience

+ 2–4 years of Epic system experience in a healthcare environment

+ Working knowledge of HIPAA, RBAC, and security best practices

+ Strong documentation and troubleshooting skills

+ Familiarity with Active Directory and identity management systems

+ Expertise in the Microsoft Office suite of products, including Outlook, Teams, and Sharepoint

+ Expertise in Microsoft Excel, including pivot tables, look up functions, and managing large data sets

Preferred Qualifications:

+ Bachelor's degree in Information Systems, Cybersecurity, or related field

+ Experience supporting Community Connect environments or external partner access

+ 2–4 years of experience working with Epic systems in a healthcare environment.

+ Strong analytical, problem-solving, documentation and communication skills.

+ Experience with Active Directory and identity management systems.

+ Bachelor’s degree in Information Systems, Cybersecurity, Health Informatics, or related field (or equivalent experience).

Minimum Requirements

+ 2–4 years of experience working with IT systems in a healthcare environment.

+ Strong analytical, problem-solving, documentation and communication skills.

+ Experience with Active Directory and identity management systems preferred.

+ Understanding of IT security principles, including least privilege, role-based access control (RBAC), and compliance frameworks (HIPAA, NIST, etc.).

+ Attention to detail and high level of accuracy

+ Ability to work independently and as part of a cross-functional team

+ Discretion and ability to handle sensitive information

+ Time management and ability to prioritize in a fast-paced environment

Working Conditions

+ Primarily seated at a computer onsite located at South Central Regional Medical Center

+ May involve sporadic evenings or weekend work (approximately 2-4 times per year)

+ May involve occasional lifting of files or office supplies (up to 15 lbs.)

+ Frequent interaction with operational staff and providers at both South Central Regional Medical Center/Clinics and the Community Connect Partners.