Epic Security Architect - FT - Days - IS Technical Services @ MV

El Camino Health is committed to hiring, retaining and growing the best and brightest professionals who will carry our mission and vision forward.  We are proud of our reputation in the community: One built on compassion, innovation, collaboration and delivering high-quality care.  Come join the team that makes this happen. Applicants MUST apply for position(s) by submitting a separate application for each individual job posting number they are interested in being considered for. FTE 1 Scheduled Bi-Weekly Hours 80 Work Shift Day: 8 hours Job Description Job Profile Summary The Epic Security Architect acts as a subject-matter expert in Epic security design, build, and maintenance. This role ensures proper access, compliance, and operational efficiency across Epic applications and integrated systems. Demonstrates sustained application of specialized Epic security expertise, leading RBAC design and security build; implementing and monitoring audit controls and driving remediation; partnering with Identity/IAM; and supporting BCP and change related security activities, across modules and processes. Regularly collaborates with clinical, business, and IT stakeholders to manage user access provisioning, maintain security policies, conduct audits, and support enterprise security initiatives and trains/mentors junior analysts. Serves as escalation for Epic security; and determines methods and procedures on new assignments where analysis of data requires in‑depth evaluation. Job Description Access Requirements & Security Analysis Design, configure, test, and maintain Epic security components (user templates, provider records/blueprints, roles, profiles). Partner with application/operational teams to translate access requirements into least‑privilege, Minimum Necessary, role‑based designs. Own the user access lifecycle (create, provision, update, inactivate), including request intake, approvals, onboarding/offboarding, and timely access removals. Design and maintain RBAC (security classes/templates, provider blueprints, profiles), and perform periodic role/access attestations. Develop security implementation plans from operational needs and act as SME/escalation for complex access scenarios. Evaluate new Epic features/settings and identity/MFA/SSO implications for security impact and alignment. Apply in‑depth evaluation to determine methods and procedures on new assignments (e.g., novel access models, cross‑module role harmonization). Security Configuration, Testing & Implementation Lead the build/configuration of Epic security components, including login behavior and working‑environment settings. Plan and execute functional, integration, and regression testing for security changes, Updates/Special Updates, and new module implementations. Lead change/security readiness for go lives and upgrades (including multi module implementations), coordinating cutover tasks and validating access controls through the change control process. Follow Epic/vendor best practices and maintain certifications aligned to Epic Honor Roll requirements. Documentation, Compliance & Process Controls Create and maintain process documentation, build guides, runbooks, and technical configuration records for internal use and cross‑team handoffs. Ensure evidence of authorization is captured and archived; enforce policies to ensure only authorized access (Minimum Necessary). Perform audits and risk assessments (internal/external); drive audit remediation and sustain controls (including dormant account reviews and access cleanup). Maintain and test business continuity processes for access/security; standardize provisioning/deprovisioning work Operations Support, Incident Response & Mentoring Troubleshoot security/workflow issues; serve as escalation point; collaborate with IS, Information Security/Identity, and Epic for proactive support. Monitor security/access performance metrics, remediate issues, and respond after‑hours/emergencies as needed. Train and mentor junior analysts/operational staff; promote consistent application of security practices. Communication, Collaboration & Reporting Regularly partners with Information Security/Identity, project teams, operational leaders, and clinical/business IT; drives security testing/controls across modules; and provides cross‑team influence and guidance. Communicate security designs, changes, and impacts clearly to technical and non‑technical stakeholders. Produce Reporting Workbench and ad‑hoc reports to support access reviews, incident analysis, and security KPIs/dashboards. Continuously improve provisioning, RBAC, auditing, and reporting workflows; complete daily standard work and communications to maintain secure operations. Collaborate across clinical, business, and IT teams to ensure alignment and consistent application of security practices. Qualifications Bachelor’s Degree preferred 4 years of direct Epic security experience with progressive experience is required Minimum of 5 years of experience in information technology required Excellent analytical, troubleshooting, and problem-solving skills Key competencies: Ability to analyze data and information with a detailed understanding of regulatory requirements that impact the healthcare industry, as well as security frameworks and methodologies. Meticulous attention to detail Good problem-solving skills Ability to work comfortably under pressure and deliver on tight deadlines Ability to maintain the highest standards of confidentiality, integrity, and personal accountability when working with sensitive and restricted data, including protected health information (PHI) Knowledge of Epic User Security, Schedulable Epic Resource settings, and other Epic functionality as needed Ability to practice a high level of integrity and honesty in maintaining confidentiality Working knowledge of: Demonstrated success using Epic, other electronic health record management.