
Field Dossier — Cloud Security

Chris Baker

Cloud & network security engineer. SASE · ZTNA · Network Security

Location: Vancouver, BC
Focus: SASE escalation & diagnostics
Tenure: 14+ yrs — Cisco, Sophos
Status: Open to opportunities

01 · Profile

Cloud and network security engineer with 14+ years at Cisco and Sophos, specializing in high-severity escalation engineering across SASE platforms and in building the tooling and knowledge infrastructure that accelerates resolution at scale.

I specialize in diagnosing high-severity issues across SASE platforms — ZTNA, FWaaS, secure web gateway, DNS security, IPS, and RAVPN — and in bridging engineering and support to drive root cause to resolution. Beyond escalations, I build the infrastructure that makes the team faster: a cloud lab for reproducing customer environments, diagnostic tooling in Bash, Python, and JavaScript, a Webex automation bot (Python async, Docker, EC2) for case routing and severity alerting, internal documentation, and mentoring and training programs.

I use AI-assisted development workflows (Claude Code, Anthropic API) routinely. Recent focus is designing agentic AI tools — Claude Code Skills, Model Context Protocol (MCP), and AWS Bedrock — that integrate with internal systems to accelerate engineering workflows. The latest, now in active use by my team at Cisco, drives end-to-end triage on high-severity escalations.

What motivates me is the full loop — taking a difficult technical problem to a deeper understanding of the product, then scaling that understanding across teams through documentation, labs, and hands-on teaching.

02 · Capabilities

Cloud & Network Security

  • SASE
  • ZTNA
  • FWaaS
  • Secure Web Gateway
  • DNS Security
  • IPS
  • RAVPN
  • VPN — IPSec / SSL
  • TLS
  • Traffic analysis

Agentic AI & Skills

  • Claude Code Skills
  • Model Context Protocol (MCP)
  • Agentic workflows
  • Planner–executor patterns
  • Human-in-the-loop
  • Tool calling
  • Prompt engineering

AI Tooling & Platforms

  • Claude Code (primary)
  • GitHub Copilot
  • Anthropic API
  • AWS Bedrock

Cisco Products

  • Cisco Secure Access
  • Cisco Umbrella
  • Cisco ASA
  • Meraki MX

Firewalls & Gateways

  • pfSense
  • Sophos UTM
  • Cisco ASA
  • Sophos Web Appliance
  • Sophos Email Appliance

Identity & Access

  • SAML
  • SSO
  • Active Directory
  • LDAP
  • IdP integration — Okta / Microsoft Entra ID

Logging, Detection & SIEM

  • Splunk
  • Grafana
  • DataDog
  • Fail2Ban
  • Snort / IPS event triage
  • Log analysis
  • Packet capture — Wireshark / tcpdump

Scripting & Automation

  • Bash
  • Python
  • PHP
  • JavaScript
  • Expect

Operating Systems

  • Linux — Alpine / RHEL / Ubuntu / Debian
  • FreeBSD
  • Windows Server
  • macOS

Cloud & Virtualization

  • Azure
  • AWS
  • VMware
  • Docker

Networking

  • TCP/IP
  • DNS — BIND / MS DNS / Unbound / DNSCrypt
  • Routing & switching

Web & Mail Infrastructure

  • NGINX
  • HAProxy
  • Postfix
  • MS Exchange

Practice

  • Technical documentation
  • Training & mentorship
  • Technical interviewing
  • Escalation management
  • Incident response

03 · Experience

May 2023 — Present

Software Engineer — Cloud Security

Cisco · Vancouver, BC

  • Own high-severity technical escalations for Cisco Secure Access — driving root-cause analysis and cross-functional resolution across ZTNA, FWaaS, web filtering, IPS, RAVPN, and DNS security.
  • Designed and shipped an internal agentic AI tool on Claude Code + AWS Bedrock — uses Model Context Protocol (MCP) for live integration with Jira and Cisco's case-management system, evaluates pre-escalation diagnostic checklists, and generates customer-facing TAC resolutions or dev-facing Jira tickets to accelerate high-severity escalation triage across the team.
  • Built and operate a cloud-based lab environment used by support and engineering to reproduce customer issues in isolated conditions, reducing time-to-diagnosis on the most technically complex cases.
  • Built and deployed a Webex automation bot (Python async, Docker, EC2) for the escalation team: monitors the live case feed via outbound WebSocket, relays new cases with severity banners, routes SEV 1 @all and SEV 2 @manager alerts, and tracks case ownership via emoji reactions — operating with zero open ports via an outbound-only WebSocket connection.
  • Authored diagnostic and automation tooling adopted across the team — DNS resolver diagnostics (EDNS packet decoding, name-server chain consistency testing, in-rotation resolver mapping), a comprehensive Virtual Appliance toolkit (DNS testing across all ports and protocols, ephemeral port profiling, query volume analysis), Active Directory Connector event parsing, Teleport infrastructure access automation, and Cisco case-management browser automation (Tampermonkey).
  • Build lab reproductions of customer SAML/SSO and identity-provider integrations (Okta, Microsoft Entra ID, ADFS) to isolate authentication flow failures and validate fixes before delivery.
  • Author internal technical documentation on advanced product behavior, lab procedures, and testing methodology — used as the primary reference by both engineering and support teams.
  • Conduct technical interviews, onboard new hires, mentor existing staff, and run knowledge-sharing sessions to raise team-wide capability across the Secure Access stack.

Dec 2021 — Apr 2023

Senior Technical Support Engineer — Cloud Security

Cisco · Vancouver, BC

  • Subject matter expert on Cisco Umbrella escalations; resolved the most complex technical issues facing the support organization.
  • Built customized test environments and diagnostic scripts that became standard tooling for staff training and issue reproduction.
  • Partnered with Development on bug fixes and enhancements; delivered training and conducted technical interviews.

Dec 2016 — Dec 2021

Technical Support Engineer — Cloud Security

Cisco · Vancouver, BC

  • Handled escalated cases across DNS security, secure web gateway, and proxy components.
  • Created Umbrella test environments in VMware and Azure used company-wide for training and reproduction.
  • Wrote support scripts and internal documentation; partnered with Development on bug fixes and product improvements.

Mar 2015 — Dec 2016

Senior Technical Support Engineer — Email Security

Sophos · Vancouver, BC

  • Subject matter expert for Sophos Email Appliance and PureMessage Unix; handled cases escalated from Tier 2 teams worldwide.
  • Worked directly with Development on bug fixes, enhancements, new-feature testing, and release planning.
  • Authored internal and public-facing knowledge base documentation; trained and mentored Tier 1 and Tier 2 engineers.

Jan 2014 — May 2015

Technical Support Engineer II & Technical Account Manager — Web & Email Security

Sophos · Vancouver, BC

  • Provided tiered support (Tier 2 → Tier 3) for Sophos Web Appliance, Email Appliance, and PureMessage Unix/Exchange — appliance config, Unix/Linux back-ends, AD integration, DNS, and traffic flow.
  • Served concurrently as Technical Account Manager for large enterprise customers — health checks, incident response during critical outages, and cross-team coordination.

Apr 2013 — Dec 2013

Technical Support Engineer — Web & Email Security

Sophos · Vancouver, BC

  • Frontline technical support for Sophos Web Appliance, Email Appliance, and PureMessage Unix/Exchange. Promoted to Tier 2 and Technical Account Manager within 9 months.

Nov 2011 — Apr 2013

Technical Support Engineer — Endpoint Security

Sophos · Vancouver, BC

  • Supported the enterprise Sophos endpoint suite — admin server components on Windows Server with MS SQL, and clients across Windows, macOS, Linux, Unix, NetWare, and NetApp.
  • Created scripts and knowledge base articles to streamline support delivery.

04 · Open Source

Active open-source contributor — network and DNS security tooling, home-automation platform integrations, and upstream library fixes, primarily in Python, PHP, and Shell.

Project details and repositories available on request.

05 · Education & Certifications

Network Administration & Security Professional Program

BCIT — UBC Joint Program · 2011

Graduated with Distinction. Coursework in VMware virtualization, Active Directory, Postfix/Dovecot, pfSense, Cisco routing & switching, FreeBSD, and Windows Server — with strong standing in security theory and applied practice.

Certifications

  • CompTIA Security+
  • CompTIA Network+
  • CompTIA Linux+
  • Cisco CCNA