Sales Lead – Growth & Business Development

Job Description:

MARKET & BUSINESS UNDERSTANDING EXPECTED
You must demonstrate working knowledge of the following within your first 30 days. This is not optional - it is the baseline for all commercial activity.
Regulatory Landscape: RBI cybersecurity guidelines, IRDAI IT governance mandates, SEBI CSCRF, DPDPA 2023, ISO 27001:2022 transition economics, PCI DSS v4.0.1 mandate timelines, CERT-In directions, and emerging AI governance frameworks (ISO 42001).
Target Buyers: CISOs, CROs, Compliance Heads, and DPOs in mid-market BFSI, insurance, fintech, NBFC, and OTT companies. IT/InfoSec Heads navigating first compliance audits. Series A–C fintech founders seeking ISO 27001 or SOC 2 as a sales enabler. Vendor risk and procurement teams evaluating GRC providers.
Competitive Dynamics: How Big 4 pricing creates an underserved mid-market gap. The difference between tool vendors (OneTrust, Vanta, Drata, Sprinto) and advisory-led GRC firms like SCLLP. The shift from annual-audit compliance to continuous controls assurance.
Our Edge: Automation-first GRC on Eramba (not a checkbox tool). AI-augmented advisory with human-in-the-loop governance. 176-control cross-framework library (ISO 27001, NIST 800-53, CIS v8). CCAP as a recurring-revenue, high-stickiness model vs. one-time projects.

THE ROLE
You will own SCLLP's entire commercial function. No sales team to inherit, no CRM full of warm leads, no marketing agency on retainer. You build the pipeline from scratch: identify targets, craft outreach, run discovery, create proposals, negotiate, and close. You also own brand visibility - LinkedIn, thought leadership, events, and partnerships. Builder's role, not a manager's role.

KEY RESPONSIBILITIES
GTM Strategy & Execution → Define and execute GTM strategy per service line with clear ICP definitions and channel strategy → Map the top 100 target accounts across BFSI, fintech, insurance, and OTT within 45 days → Build a repeatable outbound motion: OSINT-backed research, personalised sequences, multi-channel follow-ups → Own competitive intelligence and pricing positioning
Sales Pipeline & Revenue → Build and manage a structured pipeline from cold outreach to signed engagement letters → Own full sales cycle: qualification (BANT/MEDDIC), discovery, proposals, negotiation, closure → Establish CRM discipline from day one - pipeline stages, activity logging, forecasting → Monthly pipeline reviews with the Managing Partner → Target: first signed client within 60 days; three active engagements within 90 days
Marketing & Brand Building → Own LinkedIn and digital presence: weekly posts, thought leadership, regulatory insight pieces → Create sales collateral: capability decks, service-line one-pagers, battle cards, case studies → Content calendar aligned to regulatory timelines (ISO deadlines, RBI circulars, DPDPA dates) → Event participation: webinars, CISO roundtables, partnership forums
Business Development & Partnerships → Pursue channel partnerships: technology partners (Eramba, ManageEngine, Sophos etc.), VADs, consulting alliances → Initiate international market entry (Thailand, GCC, Southeast Asia) → Draft engagement letters, SOWs, and proposals with proper scoping and milestone billing

NON-NEGOTIABLES
These are absolute requirements. Candidates who do not meet them will not be considered.
Minimum 5 years B2B sales experience selling cybersecurity, GRC, or compliance services to regulated industries. No domain learning curve.
Proven track record of building pipeline from zero in a startup or boutique context - not just inheriting enterprise accounts with inbound flow.
Demonstrated ability to close ₹10L–50L+ annual deals within 60–90 day cycles.
Working knowledge of at least three of: ISO 27001, SOC 2, PCI DSS, RBI guidelines, IRDAI mandates, DPDPA, NIST CSF. You will be in rooms with CISOs - you must hold technical conversations.
Strong written communication - proposals, outreach, LinkedIn content, client documents - without heavy editing. Every communication is a brand statement.
Self-starter with high ownership. No play book to follow - you create it.
Comfort with AI-augmented workflows (AI platforms like Claude or other automation platforms) as daily productivity tools.
No moonlighting, no side gigs. Full commitment. Split attention shows in pipeline quality within month one.

30-60-90 DAY EXPECTATIONS
Willing to accept challenges and be ready to adapt to delivering defined deliverables from day 1 of joining. timeline based expectations will be discussed with shortlisted candidates.

PREFERRED (NOT MANDATORY)
MBA or equivalent; CISM, CISA, or ISO 27001 LA certification
Existing BFSI/fintech CISO and compliance network in India
Experience with GRC platforms (Eramba, Service Now GRC, Archer, One Trust)
International market exposure (Thailand, GCC, Southeast Asia)

COMPENSATION
Fixed+ Variable CTC: Competitive, benchmarked to experience band
Incentives: Uncapped commission tied to signed revenue
Equity/Profit-share: Discussion-ready for Directorship-track candidates