VDH Technical Support Analyst III

Virginia Information Technology Agency
Title/Role: VDH Technical Support Analyst III (800936)
Req. Status: Open
No. of Openings: 1
Total No. Filled: 0
Start Date: 05/11/2026
End Date: 06/30/2026
No New Submittals After:
Max Submittals by Vendor: 2
Worksite Address: 109 governor st, Richmond VA,23219

Expenses Reimbursed?: No
Priority: Normal
Agency Interview Type: Both Phone and In Person
Named Resource/Vendor:
Work Arrangement: Hybrid

Engagement Type: Contract

Short Description:
This is intended to extend into FY27 through June 30, 2027.
Maximum Vendor Submittal Rate is $49.15/hr.

Complete Description:
The Virginia Department of Health (VDH) enterprise level EHR Security Analyst will be responsible for providing help shaping the security profiles and access controls for the EHR along with providing support Tier 1 to the EHR end users on related areas. EHR Security Analyst/ Application Support Specialist

The EHR Security Analyst is responsible for managing and help define user access policies, security policies and role-based permissions within the EHR. This role will work closely with the EHR Application team, ISO Team and HIPAA compliance officer among others to ensure that the application is compliance with HIPAA standards, organizational security policies and best practices.

Key Responsibilities
· Map and maintaining EHR positions definitions, which includes, Millenium Positions, Preferences and OHPAC Security groups with VDH Positions.
· Monitor and enforce appropriate use of EHR Access Control Positions and Policies, ensuring that users have the correct level of access based on their roles and their job functions.
· Work with EHR Security Officer, IT Technical team, Support Team and EHR Core team to help define and automate user provisioning and offboarding procedures.
·Monitor and conduct internal security audits of the EHR application to identify and mitigate risks and/or vulnerabilities detected.
·Work with EHR Security Officer to develop and maintain security policies, procedure and guidelines related to the Application.
·Work with EHR Security Officer and ISO Office and EHR Core team to define and complete security documentation and downtime procedures according with VDH Security guidelines.
·Work with EHR Security Officer to respond and investigate security incidents related to EHR Application ensuring timely resolution and proper reporting to stakeholders.
·Collaborate with the EHR implementation and optimization teams to ensure that security measures are integrated into the deployment of new features, updates, and third-party applications.
·Stay informed about emerging security threats, technologies, and best practices related to EHR systems.
·Recommend improvements and optimizations to the EHR security environment based on industry trends and emerging threats.
·Monitor user behavior by using tools like P2Sentinel to determine trends and possible incidents.
·Work with EHR Security Officer and EHR Core team to assist on internal and external audits.
·Participate in Cerner/OHPAC upgrades, security patches and system maintenance to ensure ongoing security.
·Participate in the Domain Strategy for EHR Application.
·Stay up to date with security updates, best practices and regulatory changes.

Required Experience
·Three plus years of IT experience desired.
·Strong Understanding of EHR Systems
·Understanding of HIPAA, HITECH, meaningful user and other healthcare security regulations.
·Experience with Active Directory (AD), single sign-on (SSO), multi-factor authentication(MFA), and identity management solutions.
·Strong analytical, problem-solving, and troubleshooting skills related to Cerner/OHPAC security and access issues.
·Excellent communication and collaboration skills to work with IT teams, compliance officers, and end users.
·Familiarity with healthcare IT infrastructure, including networking, firewalls, and database security.
·Knowledge of Discern and ccl.

Skill Required / Desired Amount of Experience
Strong understanding of Oracle Health EHR and Security Required 5 Years
Understanding of HIPAA, HITECH, meaningful user and other healthcare security regulations Highly desired 3 Years
Experience with Active Directory (AD), single sign-on (SSO), multi-factor authentication (MFA), and identity management solutions. Highly desired 3 Years
Knowledge of Discern and ccl Highly desired 3 Years
Strong analytical, problem-solving, and troubleshooting skills related to Cerner/OHPAC security and access issues Required 5 Years
Excellent communication and collaboration skills to work with IT teams, compliance officers, and end users. Required 5 Years
Familiarity with healthcare IT infrastructure, including networking, firewalls, and database security. Highly desired 5 Years
Application Support Experience Required 5 Years
Ability to handle multiple competing priorities and multitask efficiently in a dynamic, fast-paced environment Required 3 Years
Demonstrated commitment to exceptional customer service with individuals of varying technical knowledge. Required 3 Years