Mehrez Marouani

Solutions Architect | IAM Expert | AWS Architect

On-demand
Paris, FR
8-15 years

Average response time: 1 hour

Freelancer profile translated to English.

About Mehrez

I am a Senior Solutions Architect with over 10 years of experience in designing and implementing IAM solutions, cloud security, microservices architectures, and event streaming with Kafka for international companies. My expertise covers Identity and Access Management (IAM), cloud security (AWS), API & microservices architecture, as well as DevOps automation and real-time event processing with Kafka.


🔹 What I do
I assist companies in modernizing and securing their IT infrastructure, ensuring smooth access management, regulatory compliance, and process automation. Whether it's deploying an IAM solution (PingIdentity, Keycloak), designing a secure architecture on AWS, integrating Kafka for real-time event processing, or automating deployments with DevOps, my goal is to offer robust and scalable solutions tailored to the needs of businesses.

🔹 Areas of Expertise
✅ Identity and Access Management (IAM) – Secure authentication and authorization, SSO, OAuth2, OpenID Connect, RBAC, identity federation.
✅ Cloud Architecture (AWS) – Designing secure, scalable, and optimized infrastructures.
✅ Event Streaming & Kafka – Designing and implementing event platforms, event-driven architectures, and real-time data ingestion.
✅ Software Architecture & Digital Transformation – Migration to modern architectures with APIs, microservices, event-driven architectures.
✅ DevOps Automation & CI/CD – Infrastructure as Code (IaC) with Ansible, Terraform, Jenkins, and GitLab for increased security, scalability, and speed.
✅ Security Audits & Compliance – Aligning IAM, cloud, and event-driven solutions with GDPR, ISO 27001, PCI-DSS, and NIST standards.
  • English – Native or bilingual
  • French – Native or bilingual

Can work on-site
Paris (up to 50km)

Experience

  • BNP Paribas
    Solutions Architect
    November 2020 - December 2024 (4 years and 1 month)
    Paris, France
    As a Principal IAM Architect, I designed and implemented an Identity and Access Management (IAM) solution for BNP Paribas, covering clients and partners across Europe (France, Germany, Spain, Portugal, Belgium) as well as Jaguar Land Rover (JLR), which was primarily based on federated authentication. Key contributions:
    • Deployment of an IAM solution based on PingIdentity: Implementation of a secure and high-performance authentication, authorization, and identity federation system.
    • Identity federation for JLR: Integration of a federated authentication system for Jaguar Land Rover (JLR), ensuring secure and transparent access to various resources.
    • Kafka integration for user event management: Consumption and processing of client-related events to dynamically synchronize user data in PingDirectory.
    • Deployment automation with Ansible: Standardization and automation of IAM solution deployment across all environments, ensuring reliability and consistency.
    • Implementation of an optimized CI/CD pipeline: Integration of a CI/CD chain with Jenkins, Sonar, GitLab, and Nexus to improve automation, code quality, and deployment efficiency.
    This initiative significantly strengthened BNP Paribas' IAM capabilities, providing scalability, security, and automation, while ensuring a smooth and secure federated authentication experience for Jaguar Land Rover (JLR).
  • Siemens
    Solutions Architect
    January 2020 - December 2020 (1 year)
    Paris, France
    As an IAM Architect, I designed and implemented the user management solution for the Communication-Based Train Control (CBTC) system of the Queens Boulevard (QBL) subway line within New York City Transit (NYCT). The solution was based on Keycloak, ensuring secure authentication and authorization tailored to the system's requirements. Key contributions:
    • Identity and Access Management (IAM) with Keycloak: Design and deployment of a role-based access control (RBAC) system enabling efficient management of user identities and permissions.
    • Custom extensions for Keycloak (SPI development): Development of Server Provider Interfaces (SPIs) to implement specific authentication and authorization requirements, thereby extending Keycloak's native functionalities.
    • Automation with PowerShell for VMware: Development of PowerShell scripts to automate the deployment and configuration of VMware virtual machines, ensuring consistency and efficiency across all environments.
    • Integration with the CBTC system: Implementation of a seamless authentication and authorization process, enhancing the security and operational efficiency of the train control system.
    • Deployment on VMware: Installation and management of the IAM solution on VMware virtual machines, ensuring high availability and scalability.
    This project enabled the deployment of a secure, scalable, and automated IAM framework, improving user management and access control for one of New York's busiest subway lines.
  • TNP Consulting
    Solutions Architect
    January 2020 - June 2020 (5 months)
    Paris, France
    As a Solutions Architect at TNP Consulting, I led the design and implementation of the authentication system for the Very Small Enterprises (TPE) elections, commissioned by the Ministry of Labor. This large-scale system, intended for approximately 5 million users, required a secure, scalable, and high-performance IAM solution to ensure smooth and regulation-compliant authentication during the elections.
    Key contributions:
    • IAM solution architecture: Design and implementation of a robust authentication system based on Keycloak, ensuring secure and efficient management of user identities.
    • Cloud infrastructure on AWS: Design of a scalable and highly available solution on AWS, optimizing resources to ensure performance and cost control.
    • Customization of authentication workflows: Adaptation of Keycloak to the specific requirements of the electoral process, ensuring compliance with government security standards.
    • High availability and performance optimization: Implementation of mechanisms ensuring efficient management of millions of authentication requests, while maintaining system availability and responsiveness.
    • Automation and DevOps: Industrialization of infrastructure deployment and management through advanced DevOps practices, thereby improving scalability, security, and operational efficiency.
    This project enabled the implementation of a secure, scalable, and government-compliant IAM solution, ensuring a smooth electoral process for millions of users, while maintaining a high level of performance and optimized cost management.

Education

  • Master of Science in Computer Science
    CEFOR
    2005
    Master's degree, Computer Science
  • Bachelor of Science in Computer Science
    ISAMM
    2003
    B.S. degree, Computer Science
