PLEASE NOTE: Send your application to . Read the HOW TO APPLY section and follow the instructions.
Location: Mumbai (Hybrid) | Reports To: Managing Partner | Type: Full-Time | Experience: 5–10 years | CTC: Competitive + uncapped incentives | Notice Period: Immediate – 30 days max
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
ABOUT US
Securisti Consulting LLP (SCLLP) is a specialist cybersecurity and GRC advisory firm serving regulated-sector clients across India. Core service lines: Managed GRC, TPRM, VAPT, Compliance Advisory, Continuous Controls Assurance Programme (CCAP), and AI Governance - delivered through an automation-first model anchored on the Eramba GRC platform.
We are a lean, high-conviction team. This is not about inheriting a running engine - it is about building one.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
MARKET & BUSINESS UNDERSTANDING EXPECTED
You must demonstrate working knowledge of the following within your first 30 days. This is not optional - it is the baseline for all commercial activity.
Regulatory Landscape: RBI cybersecurity guidelines, IRDAI IT governance mandates, SEBI CSCRF, DPDPA 2023, ISO 27001:2022 transition economics, PCI DSS v4.0.1 mandate timelines, CERT-In directions, and emerging AI governance frameworks (ISO 42001).
Target Buyers: CISOs, CROs, Compliance Heads, and DPOs in mid-market BFSI, insurance, fintech, NBFC, and OTT companies. IT/InfoSec Heads navigating first compliance audits. Series A–C fintech founders seeking ISO 27001 or SOC 2 as a sales enabler. Vendor risk and procurement teams evaluating GRC providers.
Competitive Dynamics: How Big 4 pricing creates an underserved mid-market gap. The difference between tool vendors (OneTrust, Vanta, Drata, Sprinto) and advisory-led GRC firms like SCLLP. The shift from annual-audit compliance to continuous controls assurance.
Our Edge: Automation-first GRC on Eramba (not a checkbox tool). AI-augmented advisory with human-in-the-loop governance. 176-control cross-framework library (ISO 27001, NIST 800-53, CIS v8). CCAP as a recurring-revenue, high-stickiness model vs. one-time projects.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
THE ROLE
You will own SCLLP's entire commercial function. No sales team to inherit, no CRM full of warm leads, no marketing agency on retainer. You build the pipeline from scratch: identify targets, craft outreach, run discovery, create proposals, negotiate, and close. You also own brand visibility - LinkedIn, thought leadership, events, and partnerships. Builder's role, not a manager's role.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
KEY RESPONSIBILITIES
- GTM Strategy & Execution
  → Define and execute GTM strategy per service line with clear ICP definitions and channel strategy
  → Map the top 100 target accounts across BFSI, fintech, insurance, and OTT within 45 days
  → Build a repeatable outbound motion: OSINT-backed research, personalised sequences, multi-channel follow-ups
  → Own competitive intelligence and pricing positioning
- Sales Pipeline & Revenue
  → Build and manage a structured pipeline from cold outreach to signed engagement letters
  → Own full sales cycle: qualification (BANT/MEDDIC), discovery, proposals, negotiation, closure
  → Establish CRM discipline from day one - pipeline stages, activity logging, forecasting
  → Monthly pipeline reviews with the Managing Partner
  → Target: first signed client within 60 days; three active engagements within 90 days
- Marketing & Brand Building
  → Own LinkedIn and digital presence: weekly posts, thought leadership, regulatory insight pieces
  → Create sales collateral: capability decks, service-line one-pagers, battle cards, case studies
  → Content calendar aligned to regulatory timelines (ISO deadlines, RBI circulars, DPDPA dates)
  → Event participation: webinars, CISO roundtables, partnership forums
- Business Development & Partnerships
  → Pursue channel partnerships: technology partners (Eramba, ManageEngine, Sophos etc.), VADs, consulting alliances
  → Initiate international market entry (Thailand, GCC, Southeast Asia)
  → Draft engagement letters, SOWs, and proposals with proper scoping and milestone billing
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
⚠️ NON-NEGOTIABLES
These are absolute requirements. Candidates who do not meet them will not be considered.
- Minimum 5 years B2B sales experience selling cybersecurity, GRC, or compliance services to regulated industries. No domain learning curve.
- Proven track record of building pipeline from zero in a startup or boutique context - not just inheriting enterprise accounts with inbound flow.
- Demonstrated ability to close ₹10L–50L+ annual deals within 60–90 day cycles.
- Working knowledge of at least three of: ISO 27001, SOC 2, PCI DSS, RBI guidelines, IRDAI mandates, DPDPA, NIST CSF. You will be in rooms with CISOs - you must hold technical conversations.
- Strong written communication - proposals, outreach, LinkedIn content, client documents - without heavy editing. Every communication is a brand statement.
- Self-starter with high ownership. No playbook to follow - you create it.
- Comfort with AI-augmented workflows (AI platforms like Claude or other automation platforms) as daily productivity tools.
- No moonlighting, no side gigs. Full commitment. Split attention shows in pipeline quality within month one.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
DAY EXPECTATIONS
Be willing to accept challenges and ready to adapt to delivering defined deliverables from day 1 of joining. Timeline-based expectations will be discussed with shortlisted candidates.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
PREFERRED (NOT MANDATORY)
- MBA or equivalent; CISM, CISA, or ISO 27001 LA certification
- Existing BFSI/fintech CISO and compliance network in India
- Experience with GRC platforms (Eramba, ServiceNow GRC, Archer, OneTrust)
- International market exposure (Thailand, GCC, Southeast Asia)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
COMPENSATION
- Fixed + Variable CTC: Competitive, benchmarked to experience band
- Incentives: Uncapped commission tied to signed revenue
- Equity/Profit-share: Discussion-ready for Directorship-track candidates
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
HOW TO APPLY
- CV (PDF, max 2 pages)
- One-page cover note answering: "What is the single biggest untapped opportunity in India's cybersecurity GRC market, and how would you go after it for SCLLP in the first 90 days?"
- Links to published thought leadership or LinkedIn posts you have authored
- Details of Notice Period and how soon you can join, Current CTC, Expected CTC
Send Applications to
Applications without the cover note will not be considered.