Hi,
This can be achieved through Conditional Access. You can set up exclusions within a conditional access policy, even when using the "Common Conditional Access policy: Require MFA for all users." https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa#user-exclusions
Note that you will be unable to apply conditional access if "Security Defaults" is enabled. https://learn.microsoft.com/en-us/microsoft-365/business-premium/m365bp-conditional-access?view=o365-worldwide&tabs=secdefaults