Job Description
El Camino Health is committed to hiring, retaining and growing the best and brightest professionals who will carry our mission and vision forward. We are proud of our reputation in the community: One built on compassion, innovation, collaboration and delivering high-quality care. Come join the team that makes this happen. Applicants MUST apply for position(s) by submitting a separate application for each individual job posting number they are interested in being considered for. FTE 1 Scheduled Bi-Weekly Hours 80
Work Shift Day:
8 hours Job Description Job Profile Summary The Epic Security Architect acts as a subject-matter expert in Epic security design, build, and maintenance. This role ensures proper access, compliance, and operational efficiency across Epic applications and integrated systems. Demonstrates sustained application of specialized Epic security expertise, leading RBAC design and security build; implementing and monitoring audit controls and driving remediation; partnering with Identity/IAM; and supporting BCP and change related security activities, across modules and processes. Regularly collaborates with clinical, business, and IT stakeholders to manage user access provisioning, maintain security policies, conduct audits, and support enterprise security initiatives and trains/mentors junior analysts. Serves as escalation for Epic security; and determines methods and procedures on new assignments where analysis of data requires in‑depth evaluation. Job Description Access Requirements & Security Analysis Design, configure, test, and maintain Epic security components (user templates, provider records/blueprints, roles, profiles). Partner with application/operational teams to translate access requirements into least‑privilege, Minimum Necessary, role‑based designs. Own the user access lifecycle (create, provision, update, inactivate), including request intake, approvals, onboarding/offboarding, and timely access removals. Design and maintain RBAC (security classes/templates, provider blueprints, profiles), and perform periodic role/access attestations. Develop security implementation plans from operational needs and act as SME/escalation for complex access scenarios. Evaluate new Epic features/settings and identity/MFA/SSO implications for security impact and alignment. Apply in‑depth evaluation to determine methods and procedures on new assignments (e.g., novel access models, cross‑module role harmonization). Security Configuration, Testing & Implementation Lead the build/configuration of Epic security components, including login behavior and working‑environment settings. Plan and execute functional, integration, and regression testing for security changes, Updates/Special Updates, and new module implementations. Lead change/security readiness for go lives and upgrades (including multi module implementations), coordinating cutover tasks and validating access controls through the change control process. Follow Epic/vendor best practices and maintain certifications aligned to Epic Honor Roll requirements. Documentation, Compliance & Process Controls Create and maintain process documentation, build guides, runbooks, and technical configuration records for internal use and cross‑team handoffs. Ensure evidence of authorization is captured and archived; enforce policies to ensure only authorized access (Minimum Necessary). Perform audits and risk assessments (internal/external); drive audit remediation and sustain controls (including dormant account reviews and access cleanup). Maintain and test business continuity processes for access/security; standardize provisioning/deprovisioning work Operations Support, Incident Response & Mentoring Troubleshoot security/workflow issues; serve as escalation point; collaborate with IS, Information Security/Identity, and Epic for proactive support. Monitor security/access performance metrics, remediate issues, and respond after‑hours/emergencies as needed. Train and mentor junior analysts/operational staff; promote consistent application of security practices. Communication, Collaboration & Reporting Regularly partners with Information Security/Identity, project teams, operational leaders, and clinical/business IT; drives security testing/controls across modules; and provides cross‑team influence and guidance. Communicate security designs, changes, and impacts clearly to technical and non‑technical stakeholders. Produce Reporting Workbench and ad‑hoc reports to support access reviews, incident analysis, and security KPIs/dashboards. Continuously improve provisioning, RBAC, auditing, and reporting workflows; complete daily standard work and communications to maintain secure operations. Collaborate across clinical, business, and IT teams to ensure alignment and consistent application of security practices. Qualifications Bachelor's Degree preferred 4 years of direct Epic security experience with progressive experience is required Minimum of 5 years of experience in information technology required Excellent analytical, troubleshooting, and problem-solving skills Key competencies: Ability to analyze data and information with a detailed understanding of regulatory requirements that impact the healthcare industry, as well as security frameworks and methodologies. Meticulous attention to detail Good problem-solving skills Ability to work comfortably under pressure and deliver on tight deadlines Ability to maintain the highest standards of confidentiality, integrity, and personal accountability when working with sensitive and restricted data, including protected health information (PHI) Knowledge of Epic User Security, Schedulable Epic Resource settings, and other Epic functionality as needed Ability to practice a high level of integrity and honesty in maintaining confidentiality Working knowledge of: Demonstrated success using Epic, other electronic health record management. Demonstrated proficiency using analytical tools and skills. Demonstrated success with the development of workflows and documentation related to Epic Security. SSL/TLS/Certificates Network protocols and functionality including TCP/IP, Active Directory, Domain Name Services, FTP/SCP, and HTTP/S License/Certification/Registration Requirements Current Epic Security certification is required One or more Third Party Certifications are preferred: CISA, CISM, CISSP
Ages of Patients Served - N/A Salary Range:
$73.68 - $110.52 USD Hour The Physical Requirements and Working Conditions of this job are available. El Camino Health will provide reasonable accommodations to qualified individuals with a disability if that will allow them to perform the essential functions of a job unless doing so creates an undue hardship for the hospital, or causes a direct threat to these individuals or others in the workplace which cannot be eliminated by reasonable accommodation. Sedentary Work - Duties performed mostly while sitting; walking and standing at times. Occasionally lift or carry up to 10 lbs. Uses hands and fingers. - (Physical Requirements-United States of America) An Equal Opportunity Employer:
El Camino Health seeks and values a diverse workforce. The organization is an equal opportunity employer and makes employment decisions on the basis of qualifications and competencies. El Camino Health prohibits discrimination in employment based on race, ancestry, national origin, color, sex, sexual orientation, gender identity, religion, disability, marital status, age, medical condition or any other status protected by law. In addition to state and federal law, El Camino Health also follows all applicable fair and equitable employment policies from the County of Santa Clara. At El Camino Health, our nationally recognized doctors and care teams are committed to providing you with high-quality, excellent care. We aim to deliver a healthcare experience that is designed around your individual needs. When you choose El Camino Health for your care, you can count on: Distinguished hospitals. Our fully accredited hospitals, Los Gatos, and Mountain View, have received numerous awards and honors for high-quality healthcare. Exceptional talent. Our reputation attracts high-caliber doctors who are approachable and friendly, a nursing culture exceptional for its highly personalized patient and family care, and leadership with a deeply personal commitment. Innovative approaches to care. We seek new treatments and techniques, and contribute to the medical community through clinical trials. Our urgent care sites powered by Carbon Health enable easy, immediate scheduling and follow up through the Carbon Health app. A focus on health. Our regional Men's Health Program offers a team approach to care and has a variety of specialists who are focused on men's health issues, including heart and vascular, urology, sleep disorders, sexual dysfunction and healthy weight. We created the South Asian Heart Center and the Chinese Health Initiative to address unique health disparities in our patient population. A healing environment. Our spaces were specially designed for tranquility and comfort.
