The Senior Application Security Analyst professional will lead the day-to-day execution and continuous improvement of Epic application access in a high-volume hospital environment. This role blends operational excellence (hundreds of access tickets weekly) with senior-level ownership of access models, governance, and audit readiness.
This role will also be a key application-side partner in our IAM/IGA automation program—helping define the Epic roles/entitlements, approvals, and access review structures that enable scalable onboarding and offboarding automation. Over the next 12–24 months, this team’s scope is expected to broaden from Epic-focused access to enterprise application access governance across the organization.
Position: Applications Security Analyst (Epic) III / Senior
Department: Information Security
Schedule: Full Time
Own and execute work in a high-volume ServiceNow queue , consistently handling hundreds of tickets per week for joiner/mover/leaver access changes, troubleshooting, and triage.
Prioritize and route requests using impact, urgency, patient-care considerations, risk, and defined SLAs; escalate complex/high-risk issues appropriately.
Troubleshoot access end-to-end (request intent, user attributes, role mapping, provisioning outcomes, in-application authorization) and document decisions/outcomes clearly for auditability.
Serve as the senior escalation point for Epic access design/build and complex access issues; ensure access is scalable, supportable, and aligned to policy.
Develop and maintain standardized access patterns Attribute Based Access Control (ABAC)/templates, privileged/elevated access controls) aligned to least privilege.
Partner with Epic application teams and operational leaders to translate workflows into durable access models and reduce one-off exceptions.
Maintain an Epic access catalog (roles/entitlements, risk tiers, prerequisites, approval paths) and keep it current as workflows evolve.
Support access reviews/attestations for high-risk roles and privileged access; drive remediation of findings and control gaps.
Support investigations related to inappropriate access/privacy concerns and contribute to corrective action plans.
Partner with IAM/IGA stakeholders during SailPoint implementation to ensure Epic is “automation-ready” (clean entitlements, requestable roles, approvals, constraints, and edge-case handling).
Help align access with authoritative source systems (HR, operations, credentialing, etc.) by defining needed attributes and lifecycle scenarios (joiner/mover/leaver, LOA, contractors, students).
Support testing/UAT and rollout readiness by validating that automated provisioning yields correct in-application authorization and usable audit trails.
Mentor and quality-review work performed by Level II analysts; establish standard work, runbooks, knowledge articles, and queue hygiene practices.
Track and improve key operational metrics (turnaround time, rework/defect rate, exception volume, access quality) and drive measurable process improvement.
Associates degree OR equivalent education or experience
Epic certification(s) , Security strongly preferred.
5+ years of experience in Epic security/access , application access governance, or closely related healthcare IT security operations with substantial Epic access responsibility.
Strong Epic import/export , Microsoft Excel skills and experience.
Demonstrated expertise in Attribute Based Access Control ( ABAC)/least privilege , access standardization, and governing elevated access in a complex clinical/operational environment.
Proven ability to thrive in a high-volume ticket environment while maintaining quality, consistency, and audit-ready documentation.
Strong cross-functional collaboration skills (Epic teams, operations, HR, IAM/IGA, IT) and clear written communication.
Bachelor’s degree ; majors in Computer Science, Information Systems, Cybersecurity, Healthcare Informatics, or related fields are preferred .
Additional Epic certifications.
Strong Data Governance knowledge and experience.
Experience implementing or partnering with IAM/IGA platforms (Okta LCM or SailPoint ISC/IIQ preferred; similar tools acceptable).
Experience with access reviews/attestations, segregation-of-duties concepts, and audit support in healthcare.
Microsoft Access database experience.
Sit inside Cybersecurity under the CISO organization with meaningful influence on enterprise access strategy.
Help shape the application authorization layer that makes IGA automation successful (Epic first; broader application portfolio next).
Have real scale: high operational volume, high-impact clinical workflows, and a multi-year IAM/IGA automation program modernizing access lifecycle controls.
Compensation Range:
$83,000.00- $120,500.00This range offers an estimate based on the minimum job qualifications. However, our approach to determining base pay is comprehensive, and a broad range of factors is considered when making an offer. This includes education, experience, skills, and certifications/licensures as they directly relate to position requirements; as well as business/organizational needs, internal equity, and market-competitiveness. In addition, BMCHS offers generous total compensation that includes, but is not limited to, benefits (medical, dental, vision, pharmacy), discretionary annual bonuses and merit increases, Flexible Spending Accounts, 403(b) savings matches, paid time off, career advancement opportunities, and resources to support employee and family well-being.
NOTE : This range is based on Boston-area data, and is subject to modification based on geographic location.
Equal Opportunity Employer/Disabled/Veterans
According to the FTC, there has been a rise in employment offer scams. Our current job openings are listed on our website and applications are received only through our website. We do not ask or require downloads of any applications, or “apps” job offers are not extended over text messages or social media platforms. We do not ask individuals to purchase equipment for or prior to employment.
...Job Details: Senior Accountant Role: As a Senior Accountant you'll be entering a rotational operational finance program that includes 6+ month rotations within Corporate Accounting, Finance, Strategy, Financial Reporting, and/or Tax. This is an MBA or master...
The primary purpose of the Senior Research Assistant position is to provide supervision, special training to technical personnel and/or highly... ...for employees working 30+ hours/week, plus optional group dental, vision, life, AD&D, and disability insurance. * Accruals for...
...and time management skills. ~ Excellent written and verbal communication. ~ Proficiency with MS Office, MS Teams, Jira, Smartsheet, and MS Project. Preferred Skills Experience in financial services or enterprise environments. Knowledge of Agile...
&##128293; Order Selector / Forklift Operator &##128205; Rancho Cordova, CA &##128176; $20 per hour Full-Time | Warehouse Environment Are you a seasoned warehouse professional who thrives in a fast-paced, hands-on environment? Do you take pride in accuracy...
...the organization. Direct interaction with CEOs and CFOs of other Finance organizations across the Enterprise occurs on a routine basis.... ...savings is key to the role. This role can be hybrid or remote. If you are within 50 miles of an office you will be hybrid onsite...