MFA Engineer (IAM)

Skills:

Multifactor Authentication (MFA)

Experience Required:

8-10 Role Summary The MFA Engineer will lead workforce authentication hardening, focusing on rolling out MFA where missing, remediating weak MFA methods, and ensuring consistent enforcement across a multi IDP environment involving Entra ID, ForgeRock, RSA, and ADFS. ________________________________________ Key Responsibilities Identify applications without MFA and define rollout strategies. Remediate weak MFA methods (e.g., OTP, mobile PINs, voice based helpdesk auth). Design and implement stronger MFA controls across authentication flows. Configure and enforce MFA policies in Microsoft Entra ID, ForgeRock, RSA, or ADFS. Ensure MFA enforcement survives federated and brokered authentication flows. Support pilot, rollout, and enterprise adoption with minimal business disruption. Define secure exception, fallback, and support desk processes. ________________________________________ Mandatory Skills & Experience Strong hands on experience implementing enterprise MFA for workforce users. Experience assessing and remediating weak or legacy MFA implementations. Hands on experience with Entra MFA and/or MFA in ForgeRock, RSA, ADFS. Strong understanding of authentication flows and federated MFA enforcement. Ability to work with application teams on technical constraints and rollout planning. ________________________________________ Preferred Experience Experience with phishing resistant authentication concepts. Familiarity with conditional / step up authentication. Experience in regulated or high security enterprise environments.