Overview
You manage a portfolio of VAR partners who resell Bugcrowd's crowdsourced security platform (bug bounty, pentesting, vulnerability disclosure) to enterprises. Your job is to make your partners successful at selling Bugcrowdâyou don't carry a direct sales quota, but you're measured on how much revenue flows through your partner accounts. You're likely managing smaller or newer partners compared to the Senior CAM role, with more focus on activation and enablement than strategic planning.
Role Snapshot
| Aspect | Details |
|---|---|
| Role Type | Channel Account Manager (partner enablement + deal support) |
| Sales Motion | Partner channel (through VARs) |
| Deal Complexity | Consultative to Enterprise |
| Sales Cycle | 3-9 months (you join deals mid-cycle when partners need help) |
| Deal Size | $50K-300K ACV (mix of mid-market and some enterprise) |
| Quota (est.) | $1.5-2M in partner-sourced revenue/year |
Company Context
Stage: Late-stage (3576 employees, likely Series D+ or private equity backed)
Size: 3576 employees
Growth: Large enough to have a formal channel program with regional coverage
Market Position: Category leader in crowdsourced securityâcompeting with HackerOne, Synack, and traditional pentest firms like Rapid7 or Coalfire
GTM Reality
Pipeline Sources:
- 70% Partner-sourced: VARs bring Bugcrowd into existing security deals with their clients
- 20% Deal registration: Partners register opps they found in their base
- 10% Channel-led: You identify white space in partner client bases and tee up intros
Partner Structure: You manage 10-15 VAR partners, likely smaller regional firms or newer partnerships. These are partners still learning how to sell Bugcrowd effectivelyâyou're doing more hand-holding than the Sr. CAM.
SE Support: You have access to shared SEs for partner training and big deal support, but partners are expected to demo and present on their own for most deals.
Competitive Landscape
Main Competitors: HackerOne (main crowdsourced competitor), Synack (boutique), traditional pentest firms (manual, not scalable), in-house red teams
How They Differentiate: Larger hacker community (claimed), more mature platform for continuous testing vs point-in-time pentests
Common Objections: "We already do annual pentests" / "How is this different from our existing vuln scanning?" / "What if hackers leak our vulnerabilities?"
Win Themes: Continuous testing finds more than annual pentests, cost-effective vs maintaining internal red team, compliance-friendly with disclosure controls
What You'll Actually Do
Time Breakdown
Partner Enablement (35%) | Deal Support (35%) | QBRs/Planning (15%) | Internal (15%)
Key Activities
- Partner Activation: Your partners aren't yet mature Bugcrowd sellers. You're running regular training sessions, building their pitch decks, riding along on their first few Bugcrowd calls until they can do it alone
- Deal Support: Partner rep calls you when they're stuckâcompetitive situation, pricing question, technical objection from the CISO. You join late-stage meetings, help with proposals, coach them through negotiations
- Pipeline Development: Look at your partners' client lists, identify good-fit accounts (tech companies, healthcare, finance), push your partners to bring Bugcrowd into those conversations. Half your partners won't do this proactively, so you're driving activity
- Quarterly Business Reviews: Check in with partner leadership quarterly, review pipeline and wins, figure out why certain sales teams aren't engaged, adjust your enablement approach
- Deal Registration: Process deal reg requests, make sure they're legitimate opps, fight with direct AEs when accounts overlap
The Honest Reality
What's Hard
- Your partners need a lot of handholding: Unlike the Sr. CAM's mature partners, yours are still figuring out how to sell crowdsourced security. You're repeating the same training multiple times for new reps who join
- Most partners won't prioritize Bugcrowd: They have 20 other vendors, and unless you're constantly staying in front of them, Bugcrowd falls to the bottom of their focus. You're fighting for mindshare
- No control over partner rep quality: Some of their salespeople are weak. You can't fire them, you just have to work around them or find the good reps and focus there
- Revenue is lumpy: You might go 6 weeks with nothing closing, then hit 3 deals in one week. Forecasting is hard when you're dependent on partner execution
What Success Looks Like
- $1.5-2M in partner-sourced revenue flows through your accounts annually
- You activate 3-4 previously dormant partnersâthey go from zero Bugcrowd deals to consistently including it in proposals
- Close 1-2 solid deals per quarter where your involvement was critical to getting the partner across the line
Who You're Selling To (Through Partners)
Primary Buyers:
- CISOs or VPs of Security (budget holders, care about risk reduction and board reporting)
- Application Security Managers (day-to-day users, care about finding vulnerabilities before production)
- Compliance/Risk leaders (need to check pentesting boxes for SOC2, ISO, PCI)
What They Care About:
- Continuous coverage: Don't want to find critical vulns the day after their annual pentest ends
- Cost vs internal team: Cheaper than hiring 3-4 FTE pentesters, more scalable
- Compliance: Need documentation that they're doing ongoing security testing
- Quality of findings: Worried about noise and false positives from the crowd
Requirements
- 3-5 years in channel sales, partner management, or field sales in cybersecurity or B2B SaaS
- Experience working with resellers or VARsâyou understand how channel partnerships work
- Can speak credibly about security topics (pentesting, vulnerabilities, bug bounties) without sounding clueless in front of technical buyers
- TOLA region strongly preferred (Texas, Oklahoma, Louisiana, Arkansas) for in-person partner meetings
- Comfortable with 30-40% travelâpartner offices, trade shows, joint customer calls