Electronic Health Record Analyst III - Security Location: CA - South San Francisco or San Mateo, USA Job Description: Salary $146,120.00 - $182,582.40 Annually Location County of San Mateo, CA Job Type Regular Job Number V402E Department Health IT Description San Mateo County Health is seeking highly-qualified individuals for the position of Electronic Health Record Analyst III - Security to, under minimal supervision, provide direct application support and user training for Health’s electronic health record (EHR) system; direct, install and maintain EHR applications and related security; support the design, development, implementation, testing, update, integration and maintenance of system configuration, and application tables; determine user, system and application needs and evaluate solutions to address needs; provide data analysis, report development, and technical assistance to system users; and perform related duties as required. There is currently one regular vacancy in the Health IT Division, located in South San Francisco or San Mateo, CA, and will require travel/driving throughout the county to perform job duties. This position is currently hybrid, with both on-site and remote work based on business need and subject to change. The ideal candidate will possess: - Epic certification in specified areas and work experience in Security and provider workflow within a hospital/clinic-based environment. - Advanced expertise working with electronic health records and access management. - Experience working in a healthcare setting, preferably government county health. - Experience providing lead direction and guidance in assigning, delegating, directing, training, and reviewing the work of staff. - Experience participating in the coordination of the workload of lower-level EHR Analysts. - Experience in lead roles in “user” meetings to prioritize, review, and respond to user requests and delegate tasks and activities. - Ability to assist in identifying time, resource management, requirement gathering, business need assessments, training needs i.e. Optimization, software updates, changes in regulatory requirements. - Experience as a liaison between system users and information technology staff, vendors, and service providers. - Experience spearheading projects requiring deeper workflow analysis with stakeholders across Health. - Demonstrated ability to troubleshoot and resolve complex issues involving the crossover of several legacy and EHR platforms. - Ability to work with key internal and external stakeholders to align technology solutions with business strategies. - Ability to provide product management, support, guidance, and troubleshooting through technology lifecycle management, including utilizing appropriate escalation steps. - Experience in implementation of new application systems. - Demonstrated exceptional customer service skills. - Experience in providing consultation services to customers/end-users, with ability to document business and technical problems, and identify requirements. - Ability to establish and maintain effective working relationships with those encountered on the job. - Excellent written and verbal communication skills with internal and external stakeholders to ensure that needs are met. - Self-starter with the ability to work independently and as a member of a team. - Excellent time management skills and ability to set priorities and adjust to meet deadlines. - Experience working in a diverse work environment including with staff who provide the care and services for patients/clients. - Adept at learning and applying newly acquired skills on the job. NOTE: The eligible list generated from this recruitment may be used to fill future extra-help, term, unclassified, and regular classified vacancies. Examples Of Duties The duties of the position may include, but are not limited to, the following: - Coordinate complex assignments involving multiple stakeholders, including software development life cycle, project planning, upgrade, build, optimization, identifying resource requirements, testing, and implementation. - Perform in-depth analysis of workflows, data collection, report details, and other technical issues in support of technical and business decision-making efforts associated with the EHR system. - Collaborate with stakeholders to improve overall EHR utilization. - Interact with vendors and other stakeholders to identify, prioritize, and recommend alternative solutions and risk mitigation strategies. - Assist in developing practices to improve configuration and documentation processes. - Monitor system performance, troubleshoot, and resolve application issues and system errors. - Participate in the evaluation of new application releases, test new applications and system upgrades. - Identify, analyze, and recommend improvements and enhancements to operational processes, system automation, and information flows to ensure greater integration of functions within the organization. - Design, develop, modify, and implement testing processes including scripts, recording test results, facilitating end-user testing, and maintaining test environments. - Facilitate and attend meetings with stakeholders to review end-user and tracking/trending issues, workflow problems, system capabilities, monitoring feedback, and potential system enhancement needs. - Respond to customer/user questions and concerns and recommend solutions as needed. - Create security classification templates to provide appropriate access while protecting patient health information. - Communicate with vendors regarding technical issues. - Coordinate and participate in the review, design, configuration, and testing of new releases, upgrades, release authorizations, and special updates; evaluate new functionality and manage master file changes for new features. - Configure, test, and evaluate new or changed clinical/business application functionality and workflows to meet enterprise requirements. - Investigate, design, develop, test, and implement reports and dashboards. - Develop and document internal procedures. - Provide information and support to facilitate instructional training; participate in developing and/or lead training programs, curriculum, and lessons, including preparing training materials. - Support systems, applications, processes, and customers, and respond to queries in a timely manner. - Provide support for application incidents reported through the help desk, including 24/7 on-call coverage, as required. - Perform related duties as assigned. Additional duties when designated as a Lead Worker: - Provide lead direction and guidance in assigning, delegating, directing, training, and reviewing the work of lower level EHR Analysts. - Participate in the coordination of the workload of lower level EHR Analysts. - Assume lead roles in user meetings to prioritize, review, and respond to user requests and delegate tasks, activities of lower level EHR Analysts. - Assist in identifying timelines, resources, requirement gathering, business need assessments, training needs, vendor and stakeholder engagement needs, milestone tracking, report needs and provide guidance for other analysts. - Serve as liaison between system users and information technology staff, vendors, and service providers for County-wide systems or applications. - Serve as the point person for the communication and coordination of vendor engagement and communication. Additional duties when designated as an Advanced Specialist: - Spearhead projects requiring deeper workflow analysis with stakeholders across Health. - Troubleshoot and resolve complex issues involving the crossover of several legacy and EHR platforms, and crossing over several specialties/service lines, e.g., vendors, stakeholder. - Work with business partners across the organization to align technology solutions with business strategies. - Provide product management, support, and guidance through the software development life cycle, including requirement gathering and analysis, design, implementation or coding, testing, deployment, and maintenance. This position will perform duties as either a lead worker or advanced specialist depending on the needs of the Health IT Division. Qualifications Education and Experience: Any combination of education and experience that would likely provide the required knowledge, skills and abilities is qualifying. A typical way to qualify is: - Three years of information technology support experience in a healthcare operation setting, including at least one year of Epic user support experience. License/Certification: - Epic Certification in Security or Data Courier; and a second Epic Certification in a second application that would be determined by Health IT management based on business needs, within six months from hire. Maintain Epic training credentials through Epic's Continuing Epic Education (CEE) program with additional training that must be completed to maintain certifications, proficiencies, and badges. Knowledge of: - Electronic health record systems, specifically Epic software applications. - Software development life cycle including requirement gathering and analysis, design, implementation or coding, testing, deployment, and maintenance. - Design, implementation, testing, updating, maintenance, evaluation, and analysis of system configuration, system setup, and application tables. - Clinical applications and regulatory standards, a wide range of application functionality, content, and associated workflows. - Basic supervisory principles and practices. - Customer service principles. - Policies, procedures, and business operations. - Principles and procedures in project management and project management methodologies. Skill/Ability to: - Train and mentor staff, including effective coaching and team building. - Translate and document complex clinical and/or business workflows. - Interact with and work collaboratively with multidisciplinary teams and process stakeholders. - Learn and retain knowledge of all assigned applications. - Configure, implement, maintain, and evaluate Epic applications and platform. - Troubleshoot application issues and system errors. - Multi-task complex work assignments. - Follow standards for naming and number conventions and security classifications. - Design, modify, and implement testing process. - Create security classification templates. - Communicate effectively, both orally and in writing. - Prioritize effectively and manage time efficiently. - Lead meetings and resolve conflicts. - Perform under pressure with tight deadlines. - Become cross-functional in one or more applications. - Motivate key process stakeholders. - Travel outside the County for training. Application/Examination Departmental Promotional Only. Only current County of San Mateo employees in San Mateo County Health with at least six months (1040 hours) of continuous service in a classified regular, probationary, or extra-help/limited term position prior to the final filing date may apply. The examination process will consist of an application screening (weight: pass/fail) based on the candidates' application and responses to the supplemental questions. Candidates who pass the application screening will be invited to a panel interview (weight: 100%). Depending on the number of applicants, an application appraisal of education and experience may be used in place of other examinations or further evaluation of work experience may be conducted to group applicants by level of qualification. All applicants who meet the minimum qualifications are not guaranteed advancement through any subsequent phase of the examination. All examinations will be given in San Mateo County, California and applicants must participate at their own expense. About the County San Mateo County is centrally located between San Francisco, San Jose, and the East Bay. With over 750,000 residents, San Mateo is one of the largest and most diverse counties in California and serves a multitude of culturally, ethnically, and linguistically diverse communities. The County of San Mateo, as an employer, is committed to advancing equity to ensure that all employees are welcomed in a safe and inclusive environment. The County seeks to hire, support, and retain employees who reflect our diverse community. We encourage applicants with diverse backgrounds and lived experiences to apply. Eighty percent of employees surveyed stated that they would recommend the County as a great place to work. The County of San Mateo is an equal opportunity employer. We seek to hire, support, and retain employees who reflect our diverse community.

• Investigate advanced and persistent attacks using data analysis and data science tools • Analyze customers' web traffic to detect unidentified threats and reduce false positives using Elasticsearch and BigQuery • Research, design, and continuously enhance detection mechanisms to stay ahead of evolving threats • Provide real-time technical support to global customers, delivering professional and timely incident responses • Produce clear, insightful incident reports • Collaborate cross-functionally with R&D and Research teams to optimize the company's detection and mitigation capabilities • Design, plan, and implement internal automation projects to improve team efficiency • Work in a shift-based schedule, including weekends

Role Description The Oracle Security Analyst position provides technical, functional support and security for Oracle Fusion Cloud and related applications. This is a remote-work position and will be based in the US in one of these states: Washington, Oregon, Texas or Arizona. - Manage Oracle access request tickets (Oracle Fusion ERP, HCM, SCM, CX, OAC, Customer Portal, etc.) to support Oracle access provisioning and deprovisioning. - Troubleshoot and resolve Oracle access (roles and data security) issues and requests. - Maintain Oracle service accounts password database. - Maintain Oracle role master and global process owner documents. - Support and maintain Oracle BI report folder permissions. - Support Oracle user access requirements for assigned projects (integrations, new module implementations, etc.). - Interact with users and business owners to understand and educate them regarding access requests and access issues. - Facilitate knowledge transfer and sharing within the Oracle security team. - Manage all consultant user access/account requests. - Support Oracle access related requirements as part of our environment refresh process. - Support Sox requirements and controls for Oracle access related functions and ensure no deficiencies during a Sox Audit related to access. Qualifications - A minimum of 5 years of experience in IT services or other application/ERP support, with at least three years of experience leading an IT service and support team for a global company. - Interaction with a global team is preferred. - Experience and proficiency with customizing Oracle Fusion roles. - Experience and proficiency with Oracle Fusion Security Console, Oracle IAM, Oracle IDCS. - Ability to lead geographically dispersed teams and team members. - Experience building and developing processes. - Excellent communication, written and verbal, and interpersonal skills. - Strong analytical skills. - Proven troubleshooting skills. - Experience streamlining, implementing, and globalizing policies and procedures. - Experience with Sox audits as it relates to application security. - Knowledge of Oracle Fusion ERP, SCM, CX, HCM modules/processes a plus. Education & Training - Bachelor’s degree in IT field or equivalent combination of education, training, and experience. Job Conditions/Physical Demands - Work from home office environment. - Ability to sit for prolonged period at desk, use computer keyboard; minimal exertion. Protective Devices Required - In designated areas. Hiring Salary Range - $85-$105K

Role Description Metro Vein Centers is hiring a Security Analyst to own and mature our information security program across a 70+ clinic, cloud-first healthcare environment. This is a newly created role that reflects our commitment to proactive security, HIPAA compliance, and a zero trust approach to identity and access management. You will be responsible for day-to-day security operations, including: - Alert monitoring - Access reviews - Endpoint security - Email security - MDM policy enforcement - MFA administration - Phishing simulation programs What You'll Do - Monitor security alerts and events across the environment; investigate, triage, and respond to incidents in a timely manner - Administer and maintain Google Workspace security controls, including DLP policies, Gmail security settings, Drive sharing policies, and audit log review - Manage endpoint detection and response operations - Oversee device compliance policies, conditional access rules, and endpoint security baselines - Administer and enforce MFA policies and password complexity standards across all user populations - Conduct quarterly role-based access audits across critical systems including Athena, Luma, Google Workspace, and BigQuery - Own and maintain least-privilege access model across enterprise applications and identity platforms - Manage email security controls including phishing protection, spam filtering, and DMARC/DKIM configuration - Design and execute phishing simulation campaigns; deliver user security awareness training - Support HIPAA security compliance, including contributing to risk assessments, policy updates, and audit readiness - Assist with identity and access management (IAM) administration, including SSO, Google Identity - Collaborate with the network team on ZTNA policy enforcement and Zscaler security configurations - Contribute to incident response plans, disaster recovery documentation, and security runbooks - Track and report on key security KPIs including MFA adoption, device compliance rates, open vulnerabilities, and audit findings - Other related security duties as assigned - Occasional travel for critical issues or growth - Being on call rotation Qualifications - 3–5 years of experience in an information security, security analyst, or IT security operations role - Hands-on experience administering Google Workspace security features (admin console, audit logs, DLP, OAuth app controls) - Experience with endpoint security platforms; CrowdStrike Falcon preferred, Microsoft Defender for Endpoint also considered - Familiarity with Microsoft security products including Intune, Microsoft Defender, and Entra ID - Solid understanding of identity and access management concepts: SSO, MFA, RBAC, least privilege - Experience conducting access reviews, user provisioning audits, and policy enforcement - Working knowledge of email security protocols (SPF, DKIM, DMARC) and email threat landscape - Strong analytical skills with the ability to investigate alerts and identify indicators of compromise - Excellent written and verbal communication skills; ability to explain security concepts to non-technical users - Familiarity with HIPAA Security Rule requirements and healthcare data protection obligations Preferred Skills - CrowdStrike certification (CCFA, CCFH, or equivalent) preferred - Microsoft security certifications (SC-200, MS-500, or equivalent) a strong plus - Experience with Zscaler ZIA security policy management or cloud-native security platforms - Familiarity with SIEM platforms and log management tools - Experience running security awareness programs and phishing simulations (KnowBe4, Proofpoint, or similar) - Prior experience in healthcare IT security or compliance roles - Knowledge of NIST CSF or CIS Controls frameworks Benefits - Medical, Dental, and Vision Insurance - 401(k) with Company Match - Generous Paid Time Off (PTO) + Paid Company Holidays - Company-Paid Life Insurance - Short-Term & Long-Term Disability Insurance - Employee Assistance Program (EAP) - Career Growth & Development Opportunities - A collaborative, mission-driven culture focused on delivering exceptional patient care Compensation $75,000 — $85,000 USD