Full Time Kql Jobs (NOW HIRING)

Azure Cloud Security Engineer - Kids Dental Brands

Founded in 2002, Kids Dental Brands has been dedicated to providing high-quality dental care to children of all backgrounds in a fun, safe, and welcoming environment. With over 55+ practices across the country, we continue to grow by staying true to our patient-centered, doctor-led philosophy.

The Opportunity

We are seeking an experienced Cloud Security Engineer to support and strengthen security across our growing organization. This role will serve as the dedicated security operator for our Microsoft 365, Entra, and Azure environment, helping protect systems, identities, endpoints, and cloud infrastructure across the business.

This is a highly hands-on role focused on security operations, identity and access management, threat detection, endpoint protection, and cloud/network security. The ideal candidate is analytical, organized, and proactive, with the ability to investigate security incidents thoroughly, identify root causes, and clearly communicate risks and recommendations.

In addition to day-to-day security operations, this individual will help support broader security initiatives, improve governance and organization within the environment, and contribute to building scalable processes as the company continues to grow. This role is best suited for someone who enjoys problem solving, works well independently, and thrives in a fast-moving environment with evolving priorities.

Why Join Us?

At Kids Dental Brands, you’ll have the opportunity to directly impact the security and stability of a rapidly growing organization. You’ll work within a Microsoft-native security environment and play a key role in protecting systems, supporting compliance efforts, and helping shape the future of security operations across the company.

Summary of Essential Job Functions

• Must be based in or around Phoenix, Arizona

• Identity & Access Management. Own Microsoft Entra security configuration — Conditional Access, Privileged Identity Management, MFA and passwordless, app-registration governance, and access reviews of privileged and high-impact groups.

• Threat Detection & Response. Triage and remediate security alerts across Microsoft Defender XDR, Entra Identity Protection, and Exchange Online Protection within defined service-level targets. Own the Security Incident Response Process, maintain audit-log coverage, write KQL detections, and document remediation as the work is being done.

• Cloud & Network Security. Maintain the security posture of KDB's Azure subscriptions — network controls, firewalls, Key Vault, and Defender for Cloud secure-score remediation.

• Email & Collaboration Security. Maintain Exchange Online Protection, Defender for Office 365, transport rules, and Microsoft Purview DLP. Drive email-authentication maturity.

• Compliance. Serve as KDB's designated HIPAA Security Officer; configure and evidence security controls aligned to HIPAA; support internal and external audits.

• Vulnerability, Documentation & DR. Run regular vulnerability and configuration assessments; keep documentation of policies, configurations, and incidents current; coach IT peers; contribute to disaster-recovery planning and testing.

• Maintain and exhibit our core values of compassion, authenticity, talent, and teamwork.

• All other duties as assigned or apparent.

At a Glance

• Location Requirements: Must be based in or around Phoenix, Arizona
• Experience Required: 5+ years of IT/security experience preferred, with strong Microsoft Azure and Microsoft 365 security experience
• Certifications Required: at least one of: Microsoft AZ-500, SC-200, or SC-300
• Job Type: Full-time
• Work Environment: Hybrid - 2-3 days per week on-site

Compensation and Schedule

• Salary: $90,000 - $110,000 depending on experience
• Schedule: Full-time with standard business hours and flexibility as needed

Qualifications:

• Education: Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field, or equivalent professional experience.
• Experience: 7+ years in IT, including 3+ years focused on security in the Microsoft Azure and Microsoft 365 ecosystem. Hands-on experience with Microsoft Entra and Microsoft Defender XDR is required. Experience operating in a HIPAA-regulated environment is strongly preferred.
• Certifications: Required — at least one of: Microsoft AZ-500, SC-200, or SC-300. Preferred — Microsoft SC-100, CISSP, GIAC GCIH or GCSA, or CCSP.
• Computer Skills: Hands-on experience administering and securing Azure, Microsoft Entra, Exchange Online, and Microsoft Defender XDR. Strong PowerShell (Microsoft Graph and Az modules) and KQL required. Familiarity with Microsoft Sentinel, Cisco Meraki, and identity-provider federation patterns (SAML, OIDC, SCIM) preferred.
• Language Ability: Excellent verbal and written communication; remains calm under stress; documents technical decisions clearly in writing.

Benefits That Support You Personally and Professionally:

At Kids Dental Brands, we offer a comprehensive and competitive benefits package designed to support your health, well-being, and future. Our offerings for this role include:

• Health Coverage - Medical, dental, vision, and basic life insurance
• Supplemental Benefits - Voluntary life insurance, short- and long-term disability, legal assistance, identity theft protection, critical illness, hospitalization, and cancer insurance
• Wellness Program - Incentive-based wellness initiatives plus access to our Employee Assistance Program
• Financial Security - 401(k) retirement plan with company match
• Paid Time Off - Paid time off, wellness days, and paid holidays annually

Apply today to help protect and strengthen the systems that support our growing organization and mission.