VHC Health

ID: 2026-13346
Category: Information Technology/Information Services
Job Locations: US-VA-Alexandria
Position Type: Full Time
Shift: Days
Workday Cost Center (Name): Information Security
Scheduled Weekly Hours: 40

Position Title

Epic Applications Security Manager

Job Description

Purpose & Scope:

The Epic Applications Security Manager provides strategic leadership and operational oversight for all Epic-related application security functions. This role manages the team responsible for safeguarding Epic system assets, ensuring strong access governance, and maintaining a secure environment for clinical and operational workflows. The Manager directs all Epic security lifecycle activities, including access strategy, build standards, testing governance, risk evaluation, and integration with enterprise cybersecurity programs.

This position serves as the primary liaison between Epic application teams, Information Security, IT Operations, Compliance, and clinical/business departments to ensure that all Epic users have the appropriate access needed to perform their roles while maintaining strict security, privacy, and regulatory compliance. The Manager oversees issue resolution, coordinates incident response related to Epic security, evaluates emerging risks, designs mitigation strategies, and leads continuous improvement of Epic security posture and processes.

Education:

Bachelor's degree in computer engineering, computer science, or information systems management, or an approved equivalent combination of education and experience. Three years of additional related experience may be substituted in lieu of the educational requirement.

Experience:

  • Minimum five to seven years of experience in information technology or information security, including direct responsibility for application security programs.
  • Prior experience supporting Epic application security is strongly preferred.
  • Experience leading teams or serving as a project or technical lead in a complex healthcare environment.
  • Strong understanding of operating systems, risk assessment processes, project planning/management, and business continuity.
  • Experience with enterprise vulnerability scanning, code review, and secure development practices.
  • Experience engaging cross-functional stakeholders and serving as the escalation point for complex security issues.
  • Experience with and knowledge of UNIX operating systems (desired) and Microsoft operating systems (required); risk and threat assessment processes and practices; project planning and management; and business continuity planning, documentation, and evaluation.
  • Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint).
  • Experience with high-level programming languages (e.g., Java, C, C++, .NET (C#, VB)).

Certification/Licensure:

None.
