POSITION SUMMARY:

The Applications Security Analyst professional will participate in the day-to-day execution and continuous improvement of Epic application access provisioning and deprovisioning in a high-volume hospital environment.

This role will also be an application-side partner in our IAM/IGA automation program—helping define the Epic roles/entitlements, approvals, and access review structures that enable scalable automation for joiners/movers/leavers.

Position: Epic Security Analyst II

Department: Information Security

Schedule: Full Time

ESSENTIAL RESPONSIBILITIES / DUTIES:

ServiceNow Driven Epic Access Operations

• Own and execute work in a ServiceNow queue, consistently handling consistent high-volume tickets for joiner/mover/leaver access changes, troubleshooting, and triage.
• Prioritize and route requests using impact, urgency, patient-care considerations, risk, and defined SLAs; escalate complex/high-risk issues appropriately.
• Troubleshoot access end-to-end (request intent, user attributes, role mapping, provisioning outcomes, in-application authorization) and document decisions/outcomes clearly for auditability.

Epic Application Access & Security Leadership

• Serve as an escalation point for assigned Epic access design/build and access issues; ensure access is scalable, supportable, and aligned to policy.
• Collaborate to assist in development and maintenance standardized access patterns with Attribute Based Access Control (ABAC)/templates, privileged/elevated access controls) aligned to least privilege.
• Partner with Epic application teams, operational leaders, and source data stewards to translate workflows into durable access models and reduce one-off exceptions.

Access Governance, Audit Readiness, and Risk Controls

• Assist in maintaining an Epic access catalog (roles/entitlements, risk tiers, prerequisites, approval paths) and keep it current as workflows evolve.
• Support access reviews/attestations for high-risk roles and privileged access; drive remediation of findings and control gaps.
• Support investigations related to inappropriate access/privacy concerns and contribute to corrective action plans.

This Role Will

• Sit inside Cybersecurity under the CISO organization with meaningful influence on enterprise access strategy.
• Help shape the application authorization layer that makes IGA automation successful (Epic first; potential for broader application portfolio later).
• Have real scale: high operational volume, high-impact clinical workflows, and a multi-year IAM/IGA automation program modernizing access lifecycle controls.

JOB REQUIREMENTS

• Associate’s degree (accredited institution).
• Epic certification(s), Security strongly preferred.
• 2+ years of experience in Epic security/access, application access governance, or closely related healthcare IT security operations with substantial Epic access responsibility.
• Epic import/export, Microsoft Excel skills and experience.
• Proven ability to thrive in a high-volume ticket environment while maintaining quality, consistency, and audit-ready documentation.
• Strong cross-functional collaboration skills and clear written communication.

Preferred

• Bachelor’s degree; majors in Computer Science, Information Systems, Cybersecurity, Healthcare Informatics, or related fields are preferred.
• Additional Epic certifications.
• Data Governance knowledge and experience.
• Experience implementing or partnering with IAM/IGA platforms (Okta LCM or SailPoint ISC/IIQ preferred; similar tools acceptable).
• Experience with access reviews/attestations, segregation-of-duties concepts, and audit support in healthcare.

Compensation Range:

This range offers an estimate based on the minimum job qualifications. However, our approach to determining base pay is comprehensive, and a broad range of factors is considered when making an offer. This includes education, experience, skills, and certifications/licensures as they directly relate to position requirements; as well as business/organizational needs, internal equity, and market-competitiveness. In addition, BMCHS offers generous total compensation that includes, but is not limited to, benefits (medical, dental, vision, pharmacy), discretionary annual bonuses and merit increases, Flexible Spending Accounts, 403(b) savings matches, paid time off, career advancement opportunities, and resources to support employee and family well-being.

NOTE: This range is based on Boston-area data, and is subject to modification based on geographic location.