Discover Vanderbilt University Medical Center: Located in Nashville, Tennessee, and operating at a global crossroads of teaching, discovery, and patient care, VUMC is a community of individuals who come to work each day with the simple aim of changing the world. It is a place where your expertise will be valued, your knowledge expanded, and your abilities challenged. Vanderbilt Health is committed to an environment where everyone has the chance to thrive and where your uniqueness is sought and celebrated. It is a place where employees know they are part of something that is bigger than themselves, take exceptional pride in their work and never settle for what was good enough yesterday. Vanderbilt’s mission is to advance health and wellness through preeminent programs in patient care, education, and research. Organization: HealthIT Ambulatory Core Job Summary: This Senior Application Analyst analyst will support traditional Epic Printer Service (EPS) mappings as well as Virtual Local Printer (VLP) mappings and be positioned to help build future roll outs of VLP. This analyst will play a vital role in translating technical details from the End User Devices team into maps in Epic. Additionally, this role will be responsible for providing technical expertise to build Order Transmittal Rules in Epic specific to the Clarksville Clinics. This role will help optimize Epic build for the clinics include build of navigators, note templates, flowsheet documentation, and other tools as required by the Clarksville clinics. This role will support ongoing lab build needs, including build for integrating lab results into the clinical workflows. The role will support the Enterprise Clinical Systems team overall with maintenance and enhancements, support upgrades, participate in on call. . KEY RESPONSIBILITIES • Designs, builds, installs, configures, and/or develops software to support clinical, administrative, financial and operational workflows. • Analyzes clinical, administrative, financial or operational workflows supported by the assigned products and their relationship to the technical environment in which they operate. • May perform analysis and design of supporting technical infrastructures. • Supports clinical, administrative, financial, revenue, or operational implementations for assigned products which may also include testing and QA, reporting, product life cycle, communication/collaboration with customers and vendors, and training users. • Assists with onboarding and training as needed. • The responsibilities listed are a general overview of the position and additional duties may be assigned. REQUIREMENTS • Epic Ambulatory certification is required. • Bachelor’s degree is required. TECHNICAL CAPABILITIES • Business Knowledge (Intermediate): Demonstrates the ability to apply multiple areas of business knowledge to successfully meet broad work objectives. Knowledgeable of the major business units of the company which relate to work responsibilities. Understands and monitors appropriate key business indicators as well as the competition. Able to communicate with users and customers regarding various business functions in an easily understood manner. Able to interpret and draw conclusions from business data. Demonstrates an understanding of overall business perspectives. • Problem Management (Intermediate): Demonstrates mastery of Incident Tracking and Problem Reporting in practical applications of a difficult nature. Assures that the proper people receive problem reports as soon as detected. Possesses sufficient knowledge, training, and experience to be capable of successfully delivering Incident Tracking and Problem Reporting products and services without requiring support and instruction from others. Able to train and educate by setting the example, giving technical instruction, providing leadership, and generally raising the level of performance of others while on the job. • Product Knowledge (Intermediate): Possesses sufficient knowledge, training, and experience to be capable of successfully developing or supporting applications for the product without requiring support and instruction from others. Able to educate and train others regarding the process. • Testing (Intermediate): Possesses a high level of skill to develop new and execute pre-designed program test data, load testing, and ensures validity of data passed among programs. Able to use automated testing aids to help debug programs. Creates and maintains appropriate test documentation for regulatory requirements. • Technical Analysis (Intermediate): Possesses high level of knowledge of the functionality of assigned products and the systems with which they interface. Proactively identifies, analyzes, and develops solutions to complex clinical, administrative, financial, operational, and technical issues. Possesses sufficient knowledge, training, and experience to be capable to successfully design build, configure, install, run reports, and perform maintenance support with minimal instruction or guidance from others. Participates in optimization efforts. May lead projects and delegate tasks. • Configuration Management and Planning (Intermediate): Demonstrates a conceptual and business understanding of configuration management, planning and related topics. Able to quickly and accurately discuss the impact of new technology, platforms, and design criteria. Understands and monitors key business indicators as they may apply to enhancements of the system. Able to communicate with users and customers regarding configuration for business functions in an easily understandable manner. Participates or develops multi-faceted configuration plans. About the Department: Health IT HealthIT provides the best health information technology tools that support Vanderbilt University Medical Center’s mission of: - Delivering distinctively personalized care - Improving the health care of individuals and communities regionally, nationally and internationally - Providing transformative learning programs - Supporting compelling discoveries Our tools, which form the digital arteries of VUMC, are either developed in-house by our innovative product teams or selected from the most cutting-edge solutions available in today’s ever-changing marketplace. Our 500 colleagues provide ongoing support over each product’s entire lifespan, ensuring that the tools are meeting the evolving needs of the Medical Center’s 24,000 colleagues. Our solutions are driven by the incredible work and research of our colleagues throughout Vanderbilt and supported through a close partnership with VUMC Information Technology (VUMC IT). The strong collaboration among our teams means that VUMC can respond to clinical and operational issues with agility and innovation. Together, we ensure VUMC remains a leader in its pioneering use of healthcare information technology. Underscoring our entire department are our core values of accountability, transparency and execution, delivered with a strong Partner Promise. Position Shift: Days Our professional administrative functions include critical supporting roles in information technology and informatics, finance, administration, legal and community affairs, human resources, communications and marketing, development, facilities, and many more. At our growing health system, we support each other and encourage excellence among all who are part of our workforce. High-achieving employees stay at Vanderbilt Health for professional growth, appreciation of benefits, and a sense of community and purpose. Core Accountabilities: Organizational Impact: Independently delivers on objectives with understanding of how they impact the results of own area/team and other related teams. Problem Solving/ Complexity of work: Utilizes multiple sources of data to analyze and resolve complex problems; may take a new perspective on existing solution. Breadth of Knowledge: Has advanced knowledge within a professional area and basic knowledge across related areas. Team Interaction: Acts as a "go-to" resource for colleagues with less experience; may lead small project teams. Core Capabilities : Supporting Colleagues: - Develops Self and Others: Invests time, energy, and enthusiasm in developing self/others to help improve performance e and gain knowledge in new areas. - Builds and Maintains Relationships: Maintains regular contact with key colleagues and stakeholders using formal and informal opportunities to expand and strengthen relationships. - Communicates Effectively: Recognizes group interactions and modifies one's own communication style to suit different situations and audiences. Delivering Excellent Services: - Serves Others with Compassion: Seeks to understand current and future needs of relevant stakeholders and customizes services to better address them. - Solves Complex Problems: Approaches problems from different angles; Identifies new possibilities to interpret opportunities and develop concrete solutions. - Offers Meaningful Advice and Support: Provides ongoing support and coaching in a constructive manner to increase employees' effectiveness. Ensuring High Quality: - Performs Excellent Work: Engages regularly in formal and informal dialogue about quality; directly addresses quality issues promptly. - Ensures Continuous Improvement: Applies various learning experiences by looking beyond symptoms to uncover underlying causes of problems and identifies ways to resolve them. - Fulfills Safety and Regulatory Requirements: Understands all aspects of providing a safe environment and performs routine safety checks to prevent safety hazards from occurring. Managing Resources Effectively: - Demonstrates Accountability: Demonstrates a sense of ownership, focusing on and driving critical issues to closure. - Stewards Organizational Resources: Applies understanding of the departmental work to effectively manage resources for a department/area. - Makes Data Driven Decisions: Demonstrates strong understanding of the information or data to identify and elevate opportunities. Fostering Innovation: - Generates New Ideas: Proactively identifies new ideas/opportunities from multiple sources or methods to improve processes beyond conventional approaches. - Applies Technology: Demonstrates an enthusiasm for learning new technologies, tools, and procedures to address short-term challenges. - Adapts to Change: Views difficult situations and/or problems as opportunities for improvement; actively embraces change instead of emphasizing negative elements. Position Qualifications: Responsibilities: Certifications: Work Experience: Relevant Work Experience Experience Level: 5 years Education: Bachelor's (Required) Vanderbilt Health is committed to fostering an environment where everyone has the chance to thrive and is committed to the principles of equal opportunity. EOE/Vets/Disabled.

• Embed security into the SDLC • Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance. • Partner closely with engineering teams to ensure secure development practices are applied consistently. • Review security controls for new features, services, and architectural changes. • Run threat modeling sessions (e.g. STRIDE) for new and existing systems. • Identify threats, attack paths, misconfigurations, and insecure design patterns. • Collaborate with engineers to ensure systems follow secure-by-design principles. • Perform security-focused code reviews to identify vulnerabilities and risky implementations. • Provide clear, actionable guidance on secure coding patterns and best practices. • Assess application and system architectures from a security perspective. • Perform manual and automated web application security testing (e.g. injection flaws, auth issues, access control gaps, insecure configs, logic flaws). • Operate, tune, and improve AppSec tooling (SAST, DAST, SCA, secrets scanning, dependency scanning). • Integrate and automate security checks within CI/CD pipelines. • Identify gaps in tooling and recommend or introduce improvements. • Support engineering teams during application security incidents or vulnerability disclosures. • Contribute to triage, impact assessment, and root cause analysis. • Ensure lessons learned are fed back into design, tooling, and processes. • Enable engineers through training, documentation, and hands-on guidance. • Create and maintain secure coding guidelines, checklists, and internal resources. • Act as a trusted security partner, not a blocker.

• Embed security into the SDLC. • Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance. • Partner closely with engineering teams to ensure secure development practices are applied consistently. • Review security controls for new features, services, and architectural changes. • Run threat modeling sessions (e.g. STRIDE) for new and existing systems. • Identify threats, attack paths, misconfigurations, and insecure design patterns. • Collaborate with engineers to ensure systems follow secure-by-design principles. • Perform security-focused code reviews to identify vulnerabilities and risky implementations. • Provide clear, actionable guidance on secure coding patterns and best practices. • Assess application and system architectures from a security perspective. • Perform manual and automated web application security testing (e.g. injection flaws, auth issues, access control gaps, insecure configs, logic flaws). • Operate, tune, and improve AppSec tooling (SAST, DAST, SCA, secrets scanning, dependency scanning). • Integrate and automate security checks within CI/CD pipelines. • Identify gaps in tooling and recommend or introduce improvements. • Support engineering teams during application security incidents or vulnerability disclosures. • Contribute to triage, impact assessment, and root cause analysis. • Ensure lessons learned are fed back into design, tooling, and processes. • Enable engineers through training, documentation, and hands-on guidance. • Create and maintain secure coding guidelines, checklists, and internal resources. • Act as a trusted security partner, not a blocker.

• Embed security into the SDLC. • Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance. • Partner closely with engineering teams to ensure secure development practices are applied consistently. • Review security controls for new features, services, and architectural changes. • Run threat modeling sessions (e.g. STRIDE) for new and existing systems. • Identify threats, attack paths, misconfigurations, and insecure design patterns. • Collaborate with engineers to ensure systems follow secure-by-design principles. • Perform security-focused code reviews to identify vulnerabilities and risky implementations. • Provide clear, actionable guidance on secure coding patterns and best practices. • Assess application and system architectures from a security perspective. • Perform manual and automated web application security testing (e.g. injection flaws, auth issues, access control gaps, insecure configs, logic flaws). • Operate, tune, and improve AppSec tooling (SAST, DAST, SCA, secrets scanning, dependency scanning). • Integrate and automate security checks within CI/CD pipelines. • Identify gaps in tooling and recommend or introduce improvements. • Support engineering teams during application security incidents or vulnerability disclosures. • Contribute to triage, impact assessment, and root cause analysis. • Ensure lessons learned are fed back into design, tooling, and processes. • Enable engineers through training, documentation, and hands-on guidance. • Create and maintain secure coding guidelines, checklists, and internal resources. • Act as a trusted security partner, not a blocker.