PDS Health
Description
Now is the time to join PDS Health. You will have opportunities to learn new skills from our team of experienced professionals. If you're ready to take your career to the next level and gain valuable experience, apply today!
Overview
The Sr. Analyst, Identity and Access Management serves as a subject matter expert in Epic's security infrastructure, responsible for designing, implementing, and maintaining user access for both the core enterprise and Community Connect partners.This role collaborates closely with application, clinical, and compliance teams to provide technical expertise for Epic security programs, focusing on the design and maintenance of key controls such as user roles, security classes, and profiles to safeguard Protected Health Information (PHI). As a key contributor to daily security operations, the Sr. Analyst executes the end-to-end provisioning and de-provisioning lifecycle for all internal and external affiliate users, serving as an escalation point for complex access issues, and enforcing core security principles like least privilege access and HIPAA compliance within the EHR. The Sr. Analyst is a subject matter expert in Epic's security infrastructure and plays a crucial role in designing, implementing, and maintaining user access within our Epic electronic health record (EHR) system. This senior position is responsible for ensuring that access is provisioned securely, efficiently, and in compliance with all regulatory and organizational policies. This role requires a deep understanding of how Epic security integrates with broader Identity and Access Management (IAM) frameworks to safeguard patient data and ensure system integrity
Responsibilities Design, build, provide implementation guidance and support the core Epic security infrastructure, including user roles, security classes, profiles, and provider/resource records (SER), to ensure access is granted based on the principle of least privilege for both internal and Community Connect users. Provide support to Information Security team members in managing technologies such as Active Directory, Okta (identity and access management), and VPN / two-factor authentication solutions. Support PDS Identify Governance, Administration and Automation initiatives, by helping to automate Epic related user provisioning/de-provisioning workflows. Develop, implement, and audit Role-Based Access Control (RBAC) models within the Epic ecosystem to ensure system access is appropriate for each user's job function across the enterprise and affiliate partners. Define security requirements and configure access for third-party applications and interfaces that connect to Epic, utilizing tools like Bridges and API security (FHIR) to ensure data integrity. Evaluate, propose, and leverage resources and solutions that are scalable and cost-effective, including in-house, on-premises, cloud, hybrid, and hosted. Assist in various compliance efforts, including HITRUST, HIPAA, and PCI. Research and apply the latest Epic security features and best practices released in new version upgrades to continuously improve the organization's security posture. Work collaboratively with other Epic application analysts, clinical informatics, compliance officers, and business stakeholders to translate operational needs into technical security requirements. Ensure appropriate visibility of critical business assets, including customer data (PHI / PII) and ensure appropriate security controls to enhance patient, customer, and user experiences while maintaining high level of customer satisfaction and data security. Ensure operational reliability and support of IT services delivered to our patients, customers, and users in accordance with defined SLA metrics for confidentiality, integrity, and availability from a design, architecture and integration perspective. Other duties and responsibilities as assigned. Required
Epic Certification: Must hold a current certification as an Epic Security Coordinator. A minimum of 5 years of hands-on experience building, maintaining, and troubleshooting Epic User Security for both internal enterprise users and Community Connect partners. Deep understanding of the Epic security framework, including Chronicles, user templates, user roles, security classes, and provider/resource records (SER). Proven ability to analyze complex technical problems, troubleshoot security issues, and develop effective, sustainable solutions. Excellent verbal and written communication skills, with the ability to articulate technical concepts to both technical and non-technical stakeholders Preferred
Bachelor's degree in information technology, Healthcare Informatics, Information Technology, Computer Science, or a related field. Additional Epic certifications (e.g., Bridges, Data Courier, Chronicles) are a strong plus. Hands-on experience with enterprise Identity and Access Management (IAM) systems and directory services such as Okta or Microsoft Active Directory (AD). Understanding of API, Web Services and Micros Services. Experience in protecting electronically protected health information (ePHI) and sensitive customer personally identifiable information. Experience working within a large, complex healthcare organization and its affiliates. Knowledge/Skills/Abilities
Thorough knowledge of healthcare regulations, including HIPAA and HITECH, and their direct application to EHR access controls and patient data privacy. Familiarity with IT security best practices, including Role-Based Access Control (RBAC), the principle of least privilege, and identity governance concepts. Advanced analytical and troubleshooting skills with a demonstrated ability to investigate, resolve, and document complex user access and security-related issues. Proficiency in building, testing, and maintaining all aspects of Epic User Security to meet operational and project-based requirements. Skill in translating clinical and business workflow requirements into technical security specifications and system configurations. Demonstrated experience creating strategies, roadmaps and executing plans for successfully delivering the identity and access capabilities at other organizations. Demonstrated effective interpersonal, verbal, and written communication skills for technical and non-technical audiences. Ability to plan, organize, schedule, prioritize and manage workload and resources to execute Project Management skills. Abilit to collaborate with multiple project teams simultaneously in a fast-paced environment. Interpersonal and collaboration skills to partner effectively with internal business partners, vendors, consultant resources. Ability to multi-task effectively without compromising the quality of the work. Ability to respond to common inquiries from customers, staff, regulatory agencies, vendors, and other members of the business community. Self-motivated, reliable, and work independently as well as part of a team. Benefits
Medical, dental, and vision insurance Paid time off Tuition Reimbursement 401K Paid time to volunteer in your local community
PDS Health is an Equal Opportunity Employer. We celebrate diversity and are united in our mission to create healthier and happier team members.
Salary Information
$104,000.00-$136,000.00 / Annually
Now is the time to join PDS Health. You will have opportunities to learn new skills from our team of experienced professionals. If you're ready to take your career to the next level and gain valuable experience, apply today!
Overview
The Sr. Analyst, Identity and Access Management serves as a subject matter expert in Epic's security infrastructure, responsible for designing, implementing, and maintaining user access for both the core enterprise and Community Connect partners.This role collaborates closely with application, clinical, and compliance teams to provide technical expertise for Epic security programs, focusing on the design and maintenance of key controls such as user roles, security classes, and profiles to safeguard Protected Health Information (PHI). As a key contributor to daily security operations, the Sr. Analyst executes the end-to-end provisioning and de-provisioning lifecycle for all internal and external affiliate users, serving as an escalation point for complex access issues, and enforcing core security principles like least privilege access and HIPAA compliance within the EHR. The Sr. Analyst is a subject matter expert in Epic's security infrastructure and plays a crucial role in designing, implementing, and maintaining user access within our Epic electronic health record (EHR) system. This senior position is responsible for ensuring that access is provisioned securely, efficiently, and in compliance with all regulatory and organizational policies. This role requires a deep understanding of how Epic security integrates with broader Identity and Access Management (IAM) frameworks to safeguard patient data and ensure system integrity
Responsibilities Design, build, provide implementation guidance and support the core Epic security infrastructure, including user roles, security classes, profiles, and provider/resource records (SER), to ensure access is granted based on the principle of least privilege for both internal and Community Connect users. Provide support to Information Security team members in managing technologies such as Active Directory, Okta (identity and access management), and VPN / two-factor authentication solutions. Support PDS Identify Governance, Administration and Automation initiatives, by helping to automate Epic related user provisioning/de-provisioning workflows. Develop, implement, and audit Role-Based Access Control (RBAC) models within the Epic ecosystem to ensure system access is appropriate for each user's job function across the enterprise and affiliate partners. Define security requirements and configure access for third-party applications and interfaces that connect to Epic, utilizing tools like Bridges and API security (FHIR) to ensure data integrity. Evaluate, propose, and leverage resources and solutions that are scalable and cost-effective, including in-house, on-premises, cloud, hybrid, and hosted. Assist in various compliance efforts, including HITRUST, HIPAA, and PCI. Research and apply the latest Epic security features and best practices released in new version upgrades to continuously improve the organization's security posture. Work collaboratively with other Epic application analysts, clinical informatics, compliance officers, and business stakeholders to translate operational needs into technical security requirements. Ensure appropriate visibility of critical business assets, including customer data (PHI / PII) and ensure appropriate security controls to enhance patient, customer, and user experiences while maintaining high level of customer satisfaction and data security. Ensure operational reliability and support of IT services delivered to our patients, customers, and users in accordance with defined SLA metrics for confidentiality, integrity, and availability from a design, architecture and integration perspective. Other duties and responsibilities as assigned. Required
Epic Certification: Must hold a current certification as an Epic Security Coordinator. A minimum of 5 years of hands-on experience building, maintaining, and troubleshooting Epic User Security for both internal enterprise users and Community Connect partners. Deep understanding of the Epic security framework, including Chronicles, user templates, user roles, security classes, and provider/resource records (SER). Proven ability to analyze complex technical problems, troubleshoot security issues, and develop effective, sustainable solutions. Excellent verbal and written communication skills, with the ability to articulate technical concepts to both technical and non-technical stakeholders Preferred
Bachelor's degree in information technology, Healthcare Informatics, Information Technology, Computer Science, or a related field. Additional Epic certifications (e.g., Bridges, Data Courier, Chronicles) are a strong plus. Hands-on experience with enterprise Identity and Access Management (IAM) systems and directory services such as Okta or Microsoft Active Directory (AD). Understanding of API, Web Services and Micros Services. Experience in protecting electronically protected health information (ePHI) and sensitive customer personally identifiable information. Experience working within a large, complex healthcare organization and its affiliates. Knowledge/Skills/Abilities
Thorough knowledge of healthcare regulations, including HIPAA and HITECH, and their direct application to EHR access controls and patient data privacy. Familiarity with IT security best practices, including Role-Based Access Control (RBAC), the principle of least privilege, and identity governance concepts. Advanced analytical and troubleshooting skills with a demonstrated ability to investigate, resolve, and document complex user access and security-related issues. Proficiency in building, testing, and maintaining all aspects of Epic User Security to meet operational and project-based requirements. Skill in translating clinical and business workflow requirements into technical security specifications and system configurations. Demonstrated experience creating strategies, roadmaps and executing plans for successfully delivering the identity and access capabilities at other organizations. Demonstrated effective interpersonal, verbal, and written communication skills for technical and non-technical audiences. Ability to plan, organize, schedule, prioritize and manage workload and resources to execute Project Management skills. Abilit to collaborate with multiple project teams simultaneously in a fast-paced environment. Interpersonal and collaboration skills to partner effectively with internal business partners, vendors, consultant resources. Ability to multi-task effectively without compromising the quality of the work. Ability to respond to common inquiries from customers, staff, regulatory agencies, vendors, and other members of the business community. Self-motivated, reliable, and work independently as well as part of a team. Benefits
Medical, dental, and vision insurance Paid time off Tuition Reimbursement 401K Paid time to volunteer in your local community
PDS Health is an Equal Opportunity Employer. We celebrate diversity and are united in our mission to create healthier and happier team members.
Salary Information
$104,000.00-$136,000.00 / Annually