Process and fulfill Epic user access requests, including account creation, modifications, deactivations, and role changes.
Assign and maintain security templates, user roles, and access levels based on job responsibilities, adhering to least privilege and segregation of duties principles.
Coordinate Epic security audits, access reviews, and monitor for inappropriate or excessive permissions.
Support onboarding and offboarding processes, ensuring timely updates to Epic access based on employment status, role changes, and facility requirements.
Ensure all access requests and configurations align with HIPAA, state IT security policies, and organizational standards.
Participate in internal and external audits, providing reports and documentation as required.
Identify and report security risks or access anomalies to the IT Security & Compliance Manager.
Serve as the primary point of contact for Epic access issues across 13 facilities, partnering with HR, Clinical Informatics, and department leadership.
Respond to incidents and service requests related to Epic user access in ServiceNow, escalating complex issues as needed.
Support Epic go-lives, upgrades, and maintenance events by ensuring accurate and timely access provisioning.
Maintain accurate records of all Epic access requests, approvals, and changes to support audit readiness.
Generate reports on user access, role utilization, and permissions for compliance, operational reviews, and process improvements.
Develop and maintain documentation, including standard operating procedures (SOPs), training materials, and knowledge base articles for Epic security processes.
| Skill | Required /Desired | Amount | of Experience |
|---|---|---|---|
| Certified by Epic in Security and Security Coordinator | Required | 3 | Years |
| Understands the Epic software security structures, including user profiles, roles, and security classes. | Required | 3 | Years |
| Understanding of concepts of confidentiality and data security | Required | 5 | Years |
| Security administration experience | Required | 5 | Years |
| Problem Solving, Collaboration and Customer Service | Required | 5 | Years |
| Oral and Written communications | Required | 5 | Years |
| Ability to identify and escalate issues and mitigate identified risks. | Required | 5 | Years |
| Health information technology experience | Highly desired | 0 | |
| State government experience | Nice to have | 0 |
| No. | Question |
|---|---|
| Question1 | Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement? |
| Question2 | Hybrid Arrangement- There will be a one-week orientation session in September, and likely 1 week per month during the project, with being onsite for about 2-4 weeks for go live prep and go live support. About 6 times during the project on average but could be less. |
| Question3 | Candidate must be able to attend an interview via webcam Do you accept this requirement? |
| Question4 | Please list candidate’s email address. |
| Question5 | Please indicate how soon this candidate is available to start work. Vendors are encouraged to submit candidates that are available for the duration of the assignment. |
| Question6 | Vendor must disclose to the agency if the candidate will be subcontracted at the time of submission. Do you accept this requirement? |
| Question7 | Vendor must notify the agency if any portion of the requirements listed in this task order are to be outsourced to other countries. Do you accept this requirement? |
| Question8 | Candidates submitted above the rate of - will not be considered. Do you accept this requirement? |
| Question9 | Payment for all approved hours will be paid at the straight hourly rate regardless of the total hours worked by the engaged resource. It is the responsibility of the supplier to adhere to any applicable compensation laws including payment for overtime hours. Do you accept this requirement? |
| Question10 | Please confirm you have thoroughly validated, and attest to the accuracy of, the credentials listed throughout this candidate’s VectorVMS profile and resume pursuant to Section 5.2.5 of ITS-009440. Do you confirm? |
| Question11 | Please confirm the candidate holds a valid, active, and current Epic User Security Certification from Epic. Please disclose Epic certification number here. |