Epic Security Analyst II

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Epic Security Analyst II based in the United States.

This role plays a critical part in managing and securing Epic application access within a high-volume healthcare environment, ensuring that the right users have the right access at the right time. You will support day-to-day identity and access operations while also contributing to the design of scalable, automated access models that enable efficient joiner/mover/leaver processes. The position sits at the intersection of cybersecurity, clinical operations, and identity governance, directly impacting patient care workflows through secure and reliable system access. You will act as a key escalation point for complex access issues and help shape enterprise-wide access control standards. The environment is fast-paced, highly regulated, and focused on precision, auditability, and continuous improvement. This is a hands-on, high-impact role supporting both operational execution and long-term IAM/IGA modernization initiatives.

• Manage and execute high-volume Epic access requests through ServiceNow, supporting joiner/mover/leaver workflows, troubleshooting access issues, and ensuring timely resolution within defined SLAs.
• Prioritize and triage access requests based on urgency, risk level, patient-care impact, and operational requirements, escalating complex cases when necessary.
• Troubleshoot end-to-end Epic access issues, including user attributes, role mapping, provisioning outcomes, and authorization logic, ensuring accurate and auditable documentation.
• Support the design and refinement of Epic security models, including role-based and attribute-based access controls aligned with least-privilege principles.
• Maintain and enhance the Epic access catalog, including roles, entitlements, approval workflows, and risk classifications.
• Participate in access reviews, attestations, and remediation efforts to ensure compliance with security policies and regulatory requirements.
• Support investigations into inappropriate access or privacy concerns and contribute to corrective action plans and control improvements.

---

Requirements

• Associate’s degree required; Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field preferred.
• 2+ years of experience in Epic security, application access governance, or healthcare IT security operations with direct Epic access responsibilities.
• Epic Security certification strongly preferred; additional Epic certifications are a plus.
• Strong understanding of identity and access management concepts, including role-based access control, segregation of duties, and least-privilege principles.
• Experience working in high-volume ticketing environments, preferably using ServiceNow or similar ITSM tools.
• Strong proficiency in Microsoft Excel and Epic import/export processes.
• Familiarity with IAM/IGA platforms (e.g., Okta LCM, SailPoint) is highly desirable.
• Excellent communication skills with the ability to collaborate across technical, clinical, and operational teams.
• Strong attention to detail with the ability to produce accurate, audit-ready documentation under pressure.

---

Benefits

• Competitive compensation ranging from $71,500 to $104,000, depending on experience, skills, and location
• Comprehensive medical, dental, vision, and pharmacy coverage
• Paid time off and flexible leave policies
• Annual discretionary bonuses and merit-based salary increases
• 403(b) retirement savings plan with employer match
• Flexible Spending Accounts (FSA) and additional tax-advantaged benefits
• Career development and internal advancement opportunities
• Wellness and employee support programs for individuals and families
• Exposure to large-scale healthcare cybersecurity and IAM/IGA modernization initiatives