Base is building the foundation of American power. The grid is the largest, most complex machine in the world. Yet it’s aging, struggling to keep up with today’s demand, and is unprepared for our electrified future.

Base is modernizing the grid as the first engineering-led, technology-driven power company. We’re deploying a nationwide network of distributed batteries that strengthens critical infrastructure and saves Americans money.

Our team of engineers, operators, creatives, technicians, and electricians design and deploy systems at speed. If you want to tackle the problem that will define this century and shape the future of American energy, now is the time. Join us.

At Base, we are reinventing the infrastructure that powers the nation's electric grid—and we view security not as a layer, but as a foundation. As we scale our distributed fleet of energy storage devices and the software that orchestrates them, security is essential to maintaining trust, resilience, and operational integrity. We are looking for an experienced security expert to expand and lead our security efforts across both edge and cloud systems.

This role will be critical in safeguarding our edge device architecture, ensuring secure communications, hardening embedded Linux environments, and enforcing best-in-class security practices across our growing network. You'll help define and implement secure OTA update processes, manage identity and access control at scale, and respond proactively to evolving threats.

The ideal candidate has hands-on experience building and securing distributed systems—particularly in IoT, energy, or industrial environments—and is eager to shape the security posture of a fast-growing, mission-driven company from the ground up.

Responsibilities:

• Harden communication protocols and manage firewall rules to prevent unauthorized access and lateral movement.

• Design and maintain authentication mechanisms for device-to-cloud communication, including key rotation and certificate management.

• Manage secrets and credentials securely across the fleet and development environments.

• Continuously monitor, assess, and patch vulnerabilities across our embedded systems and infrastructure.

• Lead incident response and forensics in the event of a security breach or anomaly.

• Integrate security best practices into OTA update processes, ensuring updates are signed, validated, and securely distributed.

• Collaborate with the software team to audit and improve code security, especially in fleet management and configuration tooling.

• Help develop and enforce security policies and procedures to meet industry standards (e.g., NIST, ISO 27001).

• Maintain documentation and risk assessments for all security-critical systems.

Required Skills / Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, or related field.

• 3+ years of experience in security engineering, ideally in embedded, IoT, or industrial environments.

• Strong knowledge of embedded Linux security and network security fundamentals.

• Experience with certificate-based authentication, TLS, VPNs, and firewalls.

• Familiarity with secure OTA update frameworks and encryption best practices.

• Proficiency in Python, C/C++, or Go.

• Experience with tools like Wireshark, Zeek, or OSQuery for network monitoring and threat detection.

• Excellent communication and collaboration skills in cross-functional teams.

We’re building a winning culture and we’re looking for people who are up for the challenge. Here’s what we expect from day one:

• In-Person Only: We work full-time in the office. No hybrid. No remote.

• Challenge the Status Quo: Question assumptions. Fix broken systems. Principles > rules.

• Move Fast: Focus on what matters, act quickly, and learn by doing.

• Give & Get Feedback: Be direct, be humble. Challenge ideas–including your own.

• Own the Outcome: Take full responsibility. Deliver results. No excuses.

• Act Like an Owner: Be resourceful, mindful of impact, and committed to the business.

• Be Decisive: Drive clarity. Make bold calls with imperfect info.

• Bring the Intensity: This is not a 9-to-5. We're building something hard which requires real commitment.