diff --git a/defaults/main.yml b/defaults/main.yml
index 584fe2c7..17710b79 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -33,6 +33,11 @@ security_package_state: present
 # installed by the role. This may prevent certain packages from installing,
 # such as ClamAV.
 security_epel_install_repository: yes
+#
+# Some deployers install a customized EPEL package that redirects servers to
+# their internal EPEL mirrors. Provide the name of the EPEL repository package
+# (epel-release by default on CentOS) or a URL to an EPEL release RPM file.
+security_epel_release_package: epel-release
 
 ###############################################################################
 #   ____  _   _ _____ _        __     ____ _____ ___ ____
diff --git a/releasenotes/notes/allow-custom-epel-release-packages-b409be1aa46ee9c3.yaml b/releasenotes/notes/allow-custom-epel-release-packages-b409be1aa46ee9c3.yaml
new file mode 100644
index 00000000..e96bbdbd
--- /dev/null
+++ b/releasenotes/notes/allow-custom-epel-release-packages-b409be1aa46ee9c3.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Deployers can now specify a custom package name or URL for an EPEL release
+    package. CentOS systems use ``epel-release`` by default, but some deployers
+    have a customized package that redirects servers to internal mirrors.
diff --git a/tasks/rhel6stig/main.yml b/tasks/rhel6stig/main.yml
index 3afb6997..979afcb3 100644
--- a/tasks/rhel6stig/main.yml
+++ b/tasks/rhel6stig/main.yml
@@ -15,7 +15,7 @@
 
   - name: Install EPEL repository
     yum:
-      name: epel-release
+      name: "{{ security_epel_release_package }}"
       state: "{{ security_package_state }}"
     when:
       - ansible_pkg_mgr == 'yum'
diff --git a/tasks/rhel7stig/main.yml b/tasks/rhel7stig/main.yml
index 37bf3c26..158a1f56 100644
--- a/tasks/rhel7stig/main.yml
+++ b/tasks/rhel7stig/main.yml
@@ -69,7 +69,7 @@
 # install EPEL if the deployer asked for clamav to be installed.
 - name: Install EPEL repository
   yum:
-    name: epel-release
+    name: "{{ security_epel_release_package }}"
     state: "{{ security_package_state }}"
   when:
     - ansible_pkg_mgr == 'yum'