Overview
You're the first point of contact for prospects who've never heard of 360 Advanced. You'll spend your day calling CISOs, IT Directors, and compliance managers at companies that need SOC 2, ISO 27001, HIPAA, or PCI DSS certifications. You're booking discovery calls for AEs, not closing deals. This is pure volume outbound work in a crowded market where dozens of firms offer similar services.
Role Snapshot
| Aspect | Details |
|---|---|
| Role Type | Outbound BDR - meeting generation only |
| Sales Motion | Outbound-heavy (80%+) with minimal inbound |
| Deal Complexity | Consultative - requires educating on compliance requirements |
| Sales Cycle | Your job is booking meetings; AE cycle is 2-4 months |
| Deal Size | N/A - you don't close, but deals likely $25K-150K+ |
| Quota (est.) | 15-20 qualified meetings per month |
Company Context
Stage: Bootstrapped/Private (20+ years in business, 135 employees)
Size: 135 employees
Growth: New CRO just started, building GTM team from scratch - signals investment in revenue growth
Market Position: Mid-tier player in crowded cybersecurity/compliance space - 900+ clients but not a household name
GTM Reality
Pipeline Sources:
- 80-90% Outbound - cold calls, LinkedIn outreach, email sequences to target accounts
- 10-20% Inbound - website inquiries from companies needing compliance (usually small volume)
- Minimal partner referrals at this stage
SDR/AE Structure: You're the BDR feeding meetings to AEs. New team means you'll be figuring out messaging and cadences together.
SE Support: No dedicated SEs - AEs likely handle technical discovery themselves or bring in the delivery team for complex assessments.
Competitive Landscape
Main Competitors: Coalfire, Schellman, A-LIGN, Prescient Assurance, plus dozens of regional compliance firms and Big 4 consulting
How They Differentiate: 20+ years in business, 900+ satisfied clients, integrated approach (not just checking boxes)
Common Objections: "We already have a compliance vendor", "Too expensive", "We'll handle it internally", "Not ready yet"
Win Themes: Experience across multiple frameworks, not just audit-focused but security-focused, proven track record
What You'll Actually Do
Time Breakdown
Cold Calling (50%) | Email/LinkedIn (30%) | Research/Admin (20%)
Key Activities
- Cold calling decision-makers: 60-80 calls per day to CISOs, IT Directors, Compliance Managers. Most go to voicemail. You're trying to catch them at the right moment when compliance is top-of-mind (audit coming up, customer requirement, security incident).
- Email sequences and LinkedIn outreach: Multichannel cadences to break through. You'll spend time researching companies to personalize messages - what frameworks they likely need, recent funding that triggers compliance requirements, etc.
- Qualifying interested prospects: When someone responds, you're asking questions about their current compliance state, timeline, frameworks needed, and budget authority before handing off to AE.
- CRM hygiene and activity tracking: Logging every call, email, and interaction. Updating lead status. Reporting on daily/weekly metrics.
The Honest Reality
What's Hard
- Low response rates: Most prospects already have a compliance vendor or aren't actively looking. You'll hear "send me information" (they won't read it) or get ghosted after initial interest.
- Complex value prop to communicate quickly: Compliance services aren't simple to explain. You need to understand SOC 2 vs ISO vs HIPAA vs PCI well enough to have credible conversations, but you're not a security expert yet.
- Long research requirements: You can't just dial for dollars. Effective outreach requires understanding each company's industry, likely compliance needs, and recent triggers (funding, partnerships, customer requirements).
- Rejection and gatekeepers: You'll get hung up on. Assistants will block you. Prospects will be rude because they get pitched cybersecurity services constantly.
What Success Looks Like
- Hit the quota of 15-20 qualified meetings per month (meetings that show up and have legitimate compliance needs)
- 2-3% connect rate on cold calls (meaning actual conversations)
- AEs convert 30-40% of your meetings to opportunities (if lower, you're booking unqualified meetings)
Who You're Selling To
Primary Buyers:
- CISOs and IT Directors (usually your champion, they own security and compliance)
- Compliance Managers/Officers (at larger companies with dedicated compliance teams)
- CFOs/COOs (sometimes involved, especially at smaller companies where compliance is seen as a business requirement)
What They Care About:
- Passing audits on time: They have deadlines (customer requirements, contract renewals) and can't afford to fail
- Minimizing internal lift: They're already stretched thin, want a vendor who does heavy lifting
- Cost predictability: Compliance projects can balloon in scope; they want fixed pricing or clear estimates
- Auditor credibility: They need a firm that auditors respect and that won't cause re-work
Requirements
- 1-2 years in an outbound sales or SDR/BDR role preferred (or new grad with strong work ethic)
- Comfortable making 60-80 cold calls daily and hearing "no" constantly
- Quick learner - you need to understand compliance frameworks (SOC 2, ISO 27001, HIPAA, etc.) well enough to have credible conversations
- Strong research skills - effective prospecting requires understanding company context
- Resilience and consistency - this is a grind, and success comes from daily discipline
- CRM proficiency (Salesforce or similar) and tech stack comfort (outreach tools, LinkedIn Sales Navigator)