
Ashish Goraniya

Information Security | Cloud Security | Data Loss Prevention

Protecting enterprise data and reducing security risks through automated defenses, threat detection, and cloud-native security solutions across Microsoft 365, Azure, AWS, and GCP environments.


About Me

I'm Ashish, a cybersecurity professional with hands-on experience in SOC operations, Data Loss Prevention (DLP), and cloud security. I previously worked as an Information Security Intern at Kinaxis, where I triaged security alerts using Microsoft Defender XDR, built detections in Azure Sentinel, and implemented DLP controls with Microsoft Purview.

My work focused on threat detection, incident response, and security automation, contributing to reduced data leakage and stronger protection against phishing and BEC attacks.

I hold a Master's degree in Cybersecurity and multiple industry certifications, including AZ-500, SC-200, AWS Solutions Architect, and CompTIA CySA+. I'm currently working toward OSCP to strengthen my offensive security skills.

Outside of work, I share hands-on security projects and practical solutions through my portfolio and blog.

Information Security Professional

Professional Experience

Information Security Intern

Kinaxis
Feb 2025 – Dec 2025
Remote
  • Monitor and triage 30+ security alerts weekly using MSSP's security portal and Microsoft Defender XDR, identifying and escalating potential security incidents
  • Review 100+ ZeroFox alerts weekly, reducing brand/reputation threats and external abuse attempts
  • Contribute to the Data Loss Prevention program by designing and testing sensitivity labels, Insider Risk Management policies, and endpoint DLP - achieving an estimated 40% reduction in potential data leaks
  • Use Abnormal Security and Exchange Online Protection to block BEC and phishing attacks, significantly improving email security posture
  • Detect Azure/GCP misconfigurations using Wiz and create Sentinel detection rules to improve cloud security posture
Microsoft XDR, Azure Sentinel, Microsoft Purview (DLP), Threat Hunting, Wiz, KnowBe4, ZeroFox, Abnormal Security, GCP, Okta, Cisco Umbrella, Desktop Central, ServiceNow, Jira, Confluence

Cybersecurity Analyst

SKV Ventures
June 2022 – Oct 2023
Remote
  • Managed security incidents in Microsoft Sentinel, enhancing visibility and detection accuracy through custom KQL queries and analytics rules
  • Implemented Microsoft Cloud Apps policies to control unsanctioned application usage and minimize data exposure across the organization
  • Refined SOC procedures by updating internal runbooks and playbooks, accelerating the incident response lifecycle
  • Created role-based security awareness training modules with 85% completion rate, reducing user-reported incidents by 30%
  • Conducted phishing analysis, threat hunting, and vulnerability management to strengthen security posture
Microsoft Sentinel, Threat Detection, KQL, Email Security, Incident Response, Cloud Security, Vulnerability Management, Phishing Analysis, SOC Operations, SIEM, Log Analysis, Wireshark, MFA, PIM

Certifications

AWS Solutions Architect

AWS-SAA

Amazon Web Services

Cloud Architecture, Security Best Practices

Certificate of Cloud Security Knowledge

CCSK

Cloud Security Alliance

Cloud Security, CSA Framework

CompTIA CySA+

CS0-003

CompTIA

Threat Detection, Security Analytics

CompTIA Security+

SY0-701

CompTIA

Security Fundamentals, Risk Management

CompTIA Network+

N10-009

CompTIA

Network Security, Infrastructure

Splunk Core Certified Power User

SPLK-1002

Splunk

SIEM, Log Analysis

Offensive Security Certified Professional

OSCP+

Offensive Security

In Progress
Penetration Testing, Exploit Development

Featured Projects

Hands-on security implementations and automation solutions

Data Loss Prevention with Microsoft Purview

Comprehensive DLP implementation using Microsoft Purview to protect sensitive data across endpoints, email, and AI applications. Deployed sensitivity labels, encryption, and Information Rights Management policies.

  • Deployed Purview sensitivity labels and encryption, ensuring protection travels with files externally
  • Built DLP/IRM policies across endpoints, email, and AI apps, blocking data leaks and reducing risk

AWS Auto-Remediation for Security Groups

Automated security workflow using AWS Lambda and EventBridge to detect and remediate overly permissive security group rules in real-time, enhancing cloud security posture.

  • Developed automated workflow to detect and revert overly permissive security group rules in real time
  • Improved AWS cloud security posture with SNS notifications and exception handling guardrails

Technical Skills

Cloud & Platform Security

  • Microsoft 365 Security Suite
  • Azure Security (Entra ID, Sentinel, Defender)
  • AWS (Lambda, EventBridge, Security Hub, IAM)
  • GCP Security
  • CSPM (Wiz)
  • Conditional Access & Identity Protection
  • Infrastructure as Code (IaC)

Security Tools & Platforms

  • EDR/XDR (Microsoft Defender, CrowdStrike)
  • SIEM (Splunk, Microsoft Sentinel)
  • Microsoft Purview (DLP, Information Protection)
  • Autopsy (Digital Forensics)
  • Log Correlation & Analysis
  • Kali Linux Toolsets (Nmap, Burp Suite, Metasploit)

Scripting & Automation

  • Python (Security Automation)
  • PowerShell (Windows Security)
  • Bash Scripting
  • SQL & Database Security
  • KQL (Kusto Query Language)
  • SPL (Splunk)
  • Regex & Log Parsing
  • SOAR Playbooks

Network & Infrastructure Security

  • Firewalls (Next-Gen)
  • IDS/IPS Systems
  • VPN Technologies
  • Packet Analysis (Wireshark)
  • TCP/IP Protocol Suite
  • DNS Security
  • Cisco Umbrella

Email & Threat Protection

  • Abnormal Security (BEC Detection)
  • Microsoft Defender for Office 365
  • Exchange Online Protection
  • KnowBe4 (Security Awareness)
  • ZeroFox (Brand Protection)
  • Phishing Analysis & Response

Identity & Access Management

  • Azure Entra ID (Azure AD)
  • Okta
  • Multi-Factor Authentication (MFA)
  • Privileged Identity Management (PIM)
  • Conditional Access Policies
  • Zero Trust Architecture

Frameworks & Compliance

  • MITRE ATT&CK Framework
  • NIST Cybersecurity Framework
  • ISO 27001
  • CIS Controls

Operating Systems

  • Windows Security & Hardening
  • Linux Security (Ubuntu, Kali)
  • macOS Security

Collaboration & Ticketing

  • ServiceNow (ITSM)
  • Jira (Project Management)
  • Confluence (Documentation)
  • Desktop Central

Get In Touch

Let's discuss cybersecurity opportunities and collaboration
