MFA Implementation Software Developer – Contract Position chez Swyfft

At Swyfft, we're reshaping the way home insurance and commercial package products are priced and bound. We've created an insurance experience that's smart, instant, and designed to deliver unparalleled customer service.

Our focus on lightning-fast quotes and seamless claims servicing is powered by cutting-edge technology and an Agent and Customer-centric approach that sets us apart in the industry.

Joining Swyfft means becoming part of a dynamic team of forward-thinkers who thrive on moving fast and delivering exceptional products. We pride ourselves on fostering an environment where creativity and positive energy thrive.

As we continue to grow and expand, we're on the lookout for experienced professionals like you to join us in transforming the insurance landscape. If you're passionate about leveraging technology to provide the best customer service experience and are ready to be a part of our journey, we welcome you to explore opportunities at Swyfft!

About the Position:

Swyfft, an insurance technology company, needs to implement multi-factor authentication (MFA) for ~6-7K users (insurance agents and admins) to meet NYDFS cybersecurity compliance requirements by April 2026.

*This position is a 100% remote U.S. based opportunity that can be based in one of the following states only: AL, AZ, FL, GA, KY, LA, MA, MO, NC, NJ, NY, OH, OR, PA, SC, TX, UT, VA, WA, WI.

This is a temporary, direct-hire position lasting 3-6 months, with the potential for extension (no 3rd party firms). Hourly rate based on experience.

Unfortunately, we are unable to provide sponsorship at this time.

Key Responsibilities: (What you'll be asked to do)

• Implement MFA with multiple authentication methods:
  • Core MFA functionality:
    • TOTP authenticator app support (Google Authenticator, Authy, etc.) - required for admins
    • Email or SMS-based codes - option for agents
    • QR code enrollment flow for TOTP
    • SMS delivery integration (e.g., Twilio, AWS SNS)
    • Backup/recovery code generation and validation
    • MFA challenge at login with method selection
  • Trusted device system:
    • 90-day device token implementation (users shouldn't MFA on every login)
    • Database schema for tracking trusted devices
    • User-facing "Trusted Devices" management page
    • Device revocation functionality
  • User experience considerations:
    • Guided enrollment flow with clear instructions for non-technical users
    • User choice between SMS and TOTP (with admin enforcement of TOTP where required)
    • Admin tools for managing user MFA status and method requirements
    • Graceful handling of lost devices/recovery scenarios
    • Phone number management for SMS users
  • Integration:
    • Modify existing authentication middleware/controllers
    • Maintain compatibility with current session management
    • SMS provider integration
    • Minimal disruption to existing codebase
  
  

The Successful Candidate: (What we're looking for)

• Strong C#/.NET and ASP.NET Core experience
• Experience implementing authentication systems (MFA specifically is a plus)
• Understanding of security best practices and token management
• Experience integrating third-party APIs (SMS providers)
• Ability to write clean, maintainable code that fits existing patterns
• Experience with TypeScript frontend work
• Good communication skills for explaining implementation decisions

 Some Requirements:

• Working MFA implementation with both SMS and TOTP support
• SMS provider integration
• Database migrations and schema changes
• Documentation for deployment and future maintenance
• Support during initial rollout/testing phase

Education:

• A Bachelor’s degree in Computer Science, Computer Engineering, or equivalent work experience is required.

Computer Skills:

• Backend: C#/.NET (ASP.NET Core)
• Frontend: TypeScript
• Database: SQL Server
• Current Auth: Custom JWT/cookie-based authentication with 30-day sessions
• We’re a MS Office environment (Outlook, Word, Excel, PowerPoint).
• Experience using video and chat technology (MSTeams & Slack).

Other:

• Reliable high-speed internet connectivity required.
• Designated quiet work from home space.

It is the policy of Swyfft to provide equal employment opportunities to all employees and applicants for employment without regard to race, religion, color, ethnic origin, gender, gender identity, age, marital status, veteran status, sexual orientation, disability, or any other basis prohibited by applicable federal, state, or local law. EOE/AA/M/D/V/F.

If you require accommodations during the application or interview, please contact Human Resources at [email protected], and we will make every effort to accommodate your needs.

Please Note: Swyfft Holdings, LLC is not accepting 3rd party agency resumes for this position, please do not forward resumes to our careers email address or Swyfft Holdings, LLC employees. Swyfft Holdings, LLC will not be responsible for any fees related to unsolicited resumes.