
Ashish Goraniya

Information Security | Cloud Security | Data Loss Prevention

Protecting enterprise data and reducing security risks through automated defenses, threat detection, and cloud-native security solutions across Microsoft 365, Azure, AWS, and GCP environments.

About Me

I'm Ashish, a cybersecurity professional specializing in Security Operations Center (SOC) operations, Data Loss Prevention (DLP), and cloud security. Currently at Kinaxis as an Information Security Intern, I monitor and triage security alerts using Microsoft Defender XDR, build detection rules in Azure Sentinel, and implement comprehensive DLP policies using Microsoft Purview.

My expertise spans across threat detection, incident response, cloud security posture management, and security automation. I've successfully contributed to reducing data leaks by 40% through strategic DLP implementation and enhanced email security against BEC and phishing attacks.

I hold a Master of Science in Cybersecurity from New York Institute of Technology and possess eight industry-recognized certifications including Azure Security Engineer (AZ-500), Security Operations Analyst (SC-200), AWS Solutions Architect, and CompTIA CySA+. Currently pursuing OSCP to further strengthen my offensive security skills.

Beyond my professional work, I share hands-on security projects and insights through my portfolio and Medium blogs, demonstrating how to solve complex security challenges with practical, automated solutions.

Professional Experience

Information Security Intern

Kinaxis
Feb 2025 — Present
Remote
  • Monitor and triage 30+ security alerts weekly using MSSP's security portal and Microsoft Defender XDR, identifying and escalating potential security incidents
  • Review 100+ ZeroFox alerts weekly, reducing brand/reputation threats and external abuse attempts
  • Contribute to the Data Loss Prevention program by designing and testing sensitivity labels, Insider Risk Management policies, and endpoint DLP - achieving an estimated 40% reduction in potential data leaks
  • Use Abnormal Security and Exchange Online Protection to block BEC and phishing attacks, significantly improving email security posture
  • Detect Azure/GCP misconfigurations using Wiz and create Sentinel detection rules to improve cloud security posture
Microsoft XDR, Azure Sentinel, Microsoft Purview (DLP), Threat Hunting, Wiz, KnowBe4, ZeroFox, Abnormal Security, GCP, Okta, Cisco Umbrella, Desktop Central, ServiceNow, Jira, Confluence

Cybersecurity Analyst

SKV Ventures
June 2022 — Oct 2023
Remote
  • Managed security incidents in Microsoft Sentinel, enhancing visibility and detection accuracy through custom KQL queries and analytics rules
  • Implemented Microsoft Cloud Apps policies to control unsanctioned application usage and minimize data exposure across the organization
  • Refined SOC procedures by updating internal runbooks and playbooks, accelerating the incident response lifecycle
  • Created role-based security awareness training modules with 85% completion rate, reducing user-reported incidents by 30%
  • Conducted phishing analysis, threat hunting, and vulnerability management to strengthen security posture
Microsoft Sentinel, Threat Detection, KQL, Email Security, Incident Response, Cloud Security, Vulnerability Management, Phishing Analysis, SOC Operations, SIEM, Log Analysis, Wireshark, MFA, PIM

Certifications

AWS Solutions Architect

AWS-SAA

Amazon Web Services

Cloud Architecture, Security Best Practices

Certificate of Cloud Security Knowledge

CCSK

Cloud Security Alliance

Cloud Security, CSA Framework

CompTIA CySA+

CS0-003

CompTIA

Threat Detection, Security Analytics

CompTIA Security+

SY0-701

CompTIA

Security Fundamentals, Risk Management

CompTIA Network+

N10-009

CompTIA

Network Security, Infrastructure

Splunk Core Certified Power User

SPLK-1002

Splunk

SIEM, Log Analysis

Offensive Security Certified Professional

OSCP+

Offensive Security

In Progress
Penetration Testing, Exploit Development

Featured Projects

Hands-on security implementations and automation solutions

Data Loss Prevention with Microsoft Purview

Comprehensive DLP implementation using Microsoft Purview to protect sensitive data across endpoints, email, and AI applications. Deployed sensitivity labels, encryption, and Information Rights Management policies.

  • Deployed Purview sensitivity labels and encryption, ensuring protection travels with files externally
  • Built DLP/IRM policies across endpoints, email, and AI apps, blocking data leaks and reducing risk
Microsoft Purview, DLP, Information Protection, Cloud Apps, Endpoint Security

AWS Auto-Remediation for Security Groups

Automated security workflow using AWS Lambda and EventBridge to detect and remediate overly permissive security group rules in real-time, enhancing cloud security posture.

  • Developed automated workflow to detect and revert overly permissive security group rules in real time
  • Improved AWS cloud security posture with SNS notifications and exception handling guardrails
AWS Lambda, EventBridge, CloudTrail, SNS, Python, Automation

Technical Skills

Cloud & Platform Security

  • Microsoft 365 Security Suite
  • Azure Security (Entra ID, Sentinel, Defender)
  • AWS (Lambda, EventBridge, Security Hub, IAM)
  • GCP Security
  • CSPM (Wiz)
  • Conditional Access & Identity Protection
  • Infrastructure as Code (IaC)

Security Tools & Platforms

  • EDR/XDR (Microsoft Defender, CrowdStrike)
  • SIEM (Splunk, Microsoft Sentinel)
  • Microsoft Purview (DLP, Information Protection)
  • Autopsy (Digital Forensics)
  • Log Correlation & Analysis
  • Kali Linux Toolsets (Nmap, Burp Suite, Metasploit)

Scripting & Automation

  • Python (Security Automation)
  • PowerShell (Windows Security)
  • Bash Scripting
  • SQL & Database Security
  • KQL (Kusto Query Language)
  • SPL (Splunk)
  • Regex & Log Parsing
  • SOAR Playbooks

Network & Infrastructure Security

  • Firewalls (Next-Gen)
  • IDS/IPS Systems
  • VPN Technologies
  • Packet Analysis (Wireshark)
  • TCP/IP Protocol Suite
  • DNS Security
  • Cisco Umbrella

Email & Threat Protection

  • Abnormal Security (BEC Detection)
  • Microsoft Defender for Office 365
  • Exchange Online Protection
  • KnowBe4 (Security Awareness)
  • ZeroFox (Brand Protection)
  • Phishing Analysis & Response

Identity & Access Management

  • Azure Entra ID (Azure AD)
  • Okta
  • Multi-Factor Authentication (MFA)
  • Privileged Identity Management (PIM)
  • Conditional Access Policies
  • Zero Trust Architecture

Frameworks & Compliance

  • MITRE ATT&CK Framework
  • NIST Cybersecurity Framework
  • ISO 27001
  • CIS Controls

Operating Systems

  • Windows Security & Hardening
  • Linux Security (Ubuntu, Kali)
  • macOS Security

Collaboration & Ticketing

  • ServiceNow (ITSM)
  • Jira (Project Management)
  • Confluence (Documentation)
  • Desktop Central
