MFA ( Multifactor Authentication ) Engineer - IAM

Role: MFA ( Multifactor Authentication ) Engineer - IAMLocation: North Quincy 02171 or 600 College Road East Princeton, New Jersey 08540. 100% onsiteContract Role Descriptions: MFA Engineer Engineer| deploy| and support MFA solutions (e.g.| Duo| Okta Verify| Microsoft MFA| ForgeRock MFA) across enterprise applications.Handle vulnerability remediation for MFA components including proxies| gateways| agents| and authentication flows.Configure and optimize MFA policies (adaptive auth| device trust| step-up authentication) aligned to security standards.Provide L2L3 support for MFA-related issuesuser lockouts| enrollment failures| latency| and integration challenges.Manage upgrades| patching| and secure configurations including certificate and secret rotations.Partner with infrastructure| endpoint| and application teams to ensure resilient and secure MFA deployments.Document configurations| remediation evidence| and operational procedures support audits and incident response.Essential Skills: MFA Engineer Engineer| deploy| and support MFA solutions (e.g.| Duo| Okta Verify| Microsoft MFA| ForgeRock MFA) across enterprise applications.Handle vulnerability remediation for MFA components including proxies| gateways| agents| and authentication flows.Configure and optimize MFA policies (adaptive auth| device trust| step-up authentication) aligned to security standards.Provide L2L3 support for MFA-related issuesuser lockouts| enrollment failures| latency| and integration challenges.Manage upgrades| patching| and secure configurations including certificate and secret rotations.Partner with infrastructure| endpoint| and application teams to ensure resilient and secure MFA deployments.Document configurations| remediation evidence| and operational procedures support audits and incident response.Skills: Multifactor Authentication (MFA) Experience Required: 8-10The MFA Engineer will lead workforce authentication hardening, focusing on rolling out MFA where missing, remediating weak MFA methods, and ensuring consistent enforcement across a multi IDP environment involving Entra ID, ForgeRock, RSA, and ADFS.________________________________________Key Responsibilities• Identify applications without MFA and define rollout strategies.• Remediate weak MFA methods (e.g., OTP, mobile PINs, voice based helpdesk auth).• Design and implement stronger MFA controls across authentication flows.• Configure and enforce MFA policies in Microsoft Entra ID, ForgeRock, RSA, or ADFS.• Ensure MFA enforcement survives federated and brokered authentication flows.• Support pilot, rollout, and enterprise adoption with minimal business disruption.• Define secure exception, fallback, and support desk processes.________________________________________Mandatory Skills & Experience• Strong hands on experience implementing enterprise MFA for workforce users.• Experience assessing and remediating weak or legacy MFA implementations.• Hands on experience with Entra MFA and/or MFA in ForgeRock, RSA, ADFS.• Strong understanding of authentication flows and federated MFA enforcement.• Ability to work with application teams on technical constraints and rollout planning.________________________________________Preferred Experience• Experience with phishing resistant authentication concepts.• Familiarity with conditional / step up authentication.• Experience in regulated or high security enterprise environments.