Penn Medicine is dedicated to our tripartite mission of providing the highest level of care to patients, conducting innovative research, and educating future leaders in the field of medicine. Working for this leading academic medical center means collaboration with top clinical, technical and business professionals across all disciplines. Today at Penn Medicine, someone will make a breakthrough. Someone will heal a heart, deliver hopeful news, and give comfort and reassurance. Our employees shape our future each day. Are you living your life's work? Entity: Corporate Service Department: IS-Cybersecurity Location: Hybrid, 3535 Market Street Hours: M-F, 8:30am-5:00pm (The role involves on-site presence for the first 6 months with the possibility of remote work after the introductory period is complete)The Cybersecurity Epic IAM Architect is responsible for designing, implementing, and managing the Identity and Access Management (IAM) security architecture for our Epic electronic health record (EHR) system. This role is critical in ensuring that all patient data and system access points are secure, compliant with healthcare regulations, and optimized for efficient operations. The Architect will collaborate closely with IT leadership, clinical staff, and compliance teams to develop security strategies that protect sensitive information while supporting seamless access for authorized users. The Architect will be responsible for overseeing the integration of IAM solutions within the Epic environment, identifying potential security risks, and implementing best practices to mitigate these risks. Additionally, the Architect will be responsible for continuously monitoring and updating the security protocols to adapt to new threats and regulatory changes, working with the team to establish Epic roles, templates/sub-templates/security classes, ensuring the highest standards of data protection and system integrity are maintained. This is a key position that requires a deep understanding of both Epic systems and IAM security frameworks within the healthcare industry. Accountabilities
- Design and Implementation: Lead the design, implementation, and management of the Identity and Access Management (IAM) architecture within the Epic EHR system, ensuring alignment with hospital security policies and industry best practices.
- Security Compliance: Ensure that IAM processes and configurations meet all relevant healthcare regulatory requirements (e.g., HIPAA, HITECH) and support internal audits by providing necessary documentation and expertise.
- Role Creation and Management: Develop and manage role-based access controls (RBAC) within Epic, designing roles that accurately reflect the responsibilities of hospital staff and ensuring that access permissions are appropriately assigned.
- Role Optimization: Continuously evaluate and optimize role structures to ensure they are efficient, scalable, and aligned with the evolving needs of the hospital's departments and staff.
- Risk Management: Identify, assess, and mitigate security risks associated with user access to Epic systems, implementing proactive measures to prevent unauthorized access or data breaches.
- Collaboration and Support: Work closely with IT leadership, clinical teams, and compliance officers to understand access needs and develop solutions that balance security with usability for authorized users.
- System Integration: Oversee the integration of IAM tools and technologies with Epic and other hospital systems, ensuring seamless and secure user access across the network.
- Monitoring and Reporting: Continuously monitor IAM security protocols, generate reports on access patterns, and adjust configurations as needed to address emerging threats or vulnerabilities.
- Performs duties in accordance with Penn Medicine and entity values, policies, and procedures
- Other duties as assigned to support the unit, department, entity, and health system organization
Minimum Requirements Required Education and Experience - Bachelor's Degree in Computer Science, Business Administration, Engineering, or Process Improvement is required.
- 5+ years Healthcare IT experience is required.
- IAM cybersecurity experience is preferred.
- Management/leadership experience is preferred.
- Help Desk or IS customer support experience is preferred.
- Experience with server class systems, including Windows Server, Active Directory, AD group security, group policy objects, provisioning enterprise mailboxes is preferred.
- Providing daily operational support including break/fix work, customer service, review and evaluate system performance including testing of possible system upgrade is preferred.
- Experience working on a Build team for an Epic System Installation is preferred.
Licenses, Registrations, and Certifications - CISSP/CISM (Or Masters) is preferred.
- Epic Security Certification is preferred.
- Epic Data Courier Certification is preferred.
- Any Epic application Certification is preferred.
Required Skills and Abilities - Understanding of Epic IAM security architecture and configuration
- Proven ability to design, implement, and optimize role-based access controls in EHR
- Strong knowledge of healthcare regulations such as HIPAA and HITECH, and their application in IAM security
- Ability to identify, assess, and mitigate security risks in a healthcare environment
- Experience in managing complex IT security projects, particularly in a healthcare setting
- Experience integrating IAM solutions with Epic and other hospital systems
- Strong analytical skills to troubleshoot and resolve complex access issues
- Excellent verbal and written communication skills, with the ability to work effectively with diverse teams across the hospital
- Ability to stay updated with the latest trends in IAM security and healthcare regulations, and adapt practices accordingly
- Experience with provisioning automation tools such as SailPoint, Saviynt, and Imprivata
Be a part of the exciting and ground-breaking upcoming years for the Penn Medicine Information Services department! Because growth is essential to continuing to meet the current and future needs of patients, Penn Medicine continues to expand its capabilities. Penn Medicine's Information Services (IS) Department focuses its efforts on the clinical and financial systems that support the day-to-day operations of four hospitals, several satellite practices, and more than 2,000 physicians. Learn more about Information Services We believe that the best care for our patients starts with the best care for our employees. Our employee benefits programs help our employees get healthy and stay healthy. We offer a comprehensive compensation and benefits program that includes one of the finest prepaid tuition assistance programs in the region. Penn Medicine employees are actively engaged and committed to our mission. Together we will continue to make medical advances that help people live longer, healthier lives. Live Your Life's Work We are an Equal Opportunity and Affirmative Action employer. Candidates are considered for employment without regard to race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, familial status, genetic information, domestic or sexual violence victim status, citizenship status, military status, status as a protected veteran or any other status protected by applicable law.