Luis Guzman loves a good challenge. “I’ve always hated hearing that I can’t do something,” he says, laughing. “It just makes me crazy.”
Fittingly, Guzman has carved a niche for himself in the world of cybersecurity, where “the challenges and threats continue to evolve and change” and where business success and growth come with a whole new set of risks. As director of information security and compliance operations at Fragomen, one of the world’s top immigration law firms, Guzman has put that reality at the forefront of his team’s operations, working to ensure that the company continuously evolves in its evaluation of and response to cyberthreats.
Guzman first discovered his passion for the field while serving in the military. “I loved analyzing information and learning how to communicate that for decision-making,” he says. “I was really attracted to the analytical components of the intelligence field—having structured ways to break down information, gather the best information available, and understand the capabilities of the organization I was supporting and how the environment and culture affected what we were doing. It was just fascinating.”
When Guzman left the military and moved back to the United States, he quickly realized that the cybersecurity field was a natural fit for all the skills he had been cultivating. And what he didn’t already know, he was more than willing to learn. “I can absorb anything if I’m around somebody long enough,” Guzman says. “I have learned so much from my colleagues and from diving in, ranging from forensics to scripting.”
By 2013, Guzman had gained sufficient knowledge of cybersecurity, intelligence, and analysis operations to begin developing those functions for a company. He joined PNC as vice president of cyberthreat analysis and immediately set to work creating a cyberthreat analysis team. Eighteen months later, the team was a dozen people strong and providing consistent, actionable results to the organization.
In the following years, Guzman was asked to take on yet more challenges. He led the security operations center for PNC, then transitioned to Uber in 2016 to mature the detection and response team. In each position, Guzman says, he learned “a tremendous amount” from colleagues just as focused on data-driven decision-making as he is.
“Nothing moves forward without risk, but you can reduce it in a way that you can deal with it.”
True to form, though, Guzman kept an eye out for other opportunities to stretch himself. And when a former colleague recommended him to Fragomen’s CIO in 2017, he knew that that opportunity had come.
As Guzman explains, Fragomen’s CIO was looking to start a technology innovation center in Pittsburgh, a center that would enable the company to “recruit the best and the brightest to come and work on not only our current technology but the emerging technologies the firm was looking to employ.”
The Pittsburgh office had an in-house technology team but no security professionals—until Guzman joined. “It was very exciting to me to get another chance to build a team—I love building teams,” the director says. “And Fragomen is a technology company, in the end. We deliver immigration and employment support, but we do that through technologies that we create.”
Fragomen, Guzman points out, does not follow the traditional law firm model. They work at scale, gathering information and documentation from individuals, families, and businesses across more than 120 countries.
And all that data needs to remain secure and private—which is where Guzman and his team come in. “It’s about becoming part of the solution on how we deliver technologies that take into account security and data privacy by, as someone wiser than me said, design and default,” he says.
Guzman has helped further reduce risk to the organization by founding a governance risk and compliance committee and by ensuring that his team members are as transparent as possible about what they do. “Nothing moves forward without risk,” he admits, “but you can reduce it in a way that you can deal with it.”
But to the director’s mind, his team’s success isn’t measured only by their technical innovations and insights. Throughout his tenure at Fragomen, Guzman has striven to foster an open, collaborative mindset in his team members.
“There is this dichotomy I’ve seen, even back when I was in the government, between operators and intelligence people,” he explains. “There was so much unnecessary friction, so I learned early on to become much more of a collaborative partner with all of the other elements that make military operations function. And when I came into this field, I saw that same problem wherever I went: there were security people over here, and the operation guys were over there. I was just not going to operate that way.”
This approach has caught the attention of Fragomen’s partners, including Blake Sallé, chief revenue officer at Proofpoint. “Luis has been instrumental in advancing Fragomen’s security mission, and we’re thrilled to be a part of that,” Sallé says. “We’ve always believed in a people-centric approach to cybersecurity—and in strong, collaborative partnerships to achieve it.”
Of course, Guzman has seen a lot of internal support as well. From the beginning, Guzman says, Fragomen’s leadership supported him in his effort to “build a strong interplay across teams.” Together, he and his colleagues have successfully identified and resolved weaknesses in the company’s system, brought the organization up to international compliance standards, and supported the company in its continued growth—and they’ve got the data to prove it.
Luis Guzman has learned a lot over the years—from colleagues in the field as well as from his own experiments and explorations. Here, he offers his top pieces of advice for anyone interested in cybersecurity:
- Get your hands dirty. “I’ve self-taught for much of my career, even if that meant rushing home to wipe Windows off my personal machines to learn Linux.”
- Don’t be afraid to take the next step. “People will take a chance on you if they understand that you’re bringing a passion and willingness to learn and a hunger to be better.”
- Be a positive force. “In this field, it’s all a challenge, it’s all difficult—you have to frame things in a way that helps people understand what is there and how to [proceed].”
At DeFY Security, our twenty-plus years of experience in and dedication to cybersecurity have led some of our nation’s leading financial institutions, healthcare organizations, manufacturers, and retail outlets to entrust their cybersecurity needs to us. Congratulations to Luis Guzman, you are a leader and innovator in cybersecurity.