Carric Dooley has extensive experience leading comprehensive security assessments as well as network and application penetration tests in a wide range of industries across North America, Europe, and Asia. As the director of Foundstone Services at McAfee, he works with companies around the world in various industries, including financial services, insurance, healthcare, software, manufacturing, retail, pharmaceuticals, government, food services, and entertainment.
Dooley has performed information security assessments, security architecture reviews, wireless assessments, web application penetration tests, host configuration reviews, product reviews, risk assessments, and policy development projects. He has also led several enterprise risk assessments following Foundstone’s methodology based on NIST 800-30, helping clients in the financial services, government, and software industries to develop effective risk management strategies. In 2005, Dooley also helped establish Foundstone’s methodology for assessment and penetration testing.
In addition to his duties as director, Dooley is a lead instructor for the Ultimate Hacking series of courses and helps develop class materials. He also teaches classes for the U.S. Department of Defense, numerous private-sector companies, and at Black Hat conferences in both the U.S. and Europe.
Prior to McAfee, he worked for Microsoft as part of its information security team, performing extensive assessment work on PCI section 11.3.
Dooley holds a bachelor’s degree in business administration from Georgia Southern University, with a focus on international economics and a minor in French. He is fluent in French, conversant in German, and has studied Russian, Japanese, Spanish, Portuguese, Norwegian, and Gaelic.