Overview
You're selling Sweet's Runtime CNAPP platform to security teams who are drowning in alerts from their current cloud security tools. You're targeting companies with complex cloud environments (AWS, Azure, GCP) where traditional CNAPP tools create too much noise. Most of your deals are with security engineers and CISOs who need better runtime visibility and faster incident investigation.
Role Snapshot
| Aspect | Details |
|---|---|
| Role Type | Full-cycle AE ("Velocity" likely means high-volume, shorter deals) |
| Sales Motion | Outbound-heavy ("true hunter" language suggests self-sourcing) |
| Deal Complexity | Consultative to Enterprise |
| Sales Cycle | 2-4 months |
| Deal Size | $50K-150K ACV (est. for mid-market security tooling) |
| Quota (est.) | $600K-800K/year |
Company Context
Stage: Series A/B (estimated - 103 employees, building sales team)
Size: 103 employees
Growth: Actively hiring GTM. New sales leader just joined from accessiBe. Building out velocity motion suggests they're moving down-market or increasing volume.
Market Position: Challenger in crowded CNAPP space. Differentiating on runtime context + AI-powered analysis. Competing against established players (Wiz, Orca, Prisma Cloud) and newer entrants.
GTM Reality
Pipeline Sources:
- 15% Inbound - Some interest from security conferences, content marketing, and word-of-mouth in security community. Quality varies; many tire-kickers exploring options.
- 75% Outbound - Cold outreach to security teams at target accounts. You're finding CISOs on LinkedIn, researching their cloud stack, and leading with runtime visibility pain points.
- 10% Referrals - Early customer advocates, partner ecosystem still developing.
SDR/AE Structure: You're building pipeline yourself. "Velocity" suggests no SDR layer - you prospect, demo, and close. They may add SDRs later but right now you own the full cycle.
SE Support: Likely shared SE pool or you're doing technical demos yourself. At 103 employees, they probably have 1-2 SEs covering all deals.
Competitive Landscape
Main Competitors: Wiz (market leader), Orca Security, Palo Alto Prisma Cloud, traditional CNAPP vendors
How They Differentiate: Runtime context (most CNAPPs are static analysis), AI-powered investigation (their LLM analyzes threats), noise reduction (fewer false positives than traditional tools)
Common Objections:
- "We already have a CNAPP" (most common)
- "Another security tool to manage?"
- "How does your AI actually work?" (skepticism about AI buzzwords)
- "We need to see this in our environment" (requires POC)
- Price - security budgets are tight, need to displace or consolidate tools
Win Themes: Faster investigation time, reduced alert fatigue, better runtime visibility than competitors, AI actually reduces manual work (if you can prove it)
What You'll Actually Do
Time Breakdown
Prospecting (40%) | Active Deals (35%) | POCs/Demos (15%) | Internal (10%)
Key Activities
- Cold outreach to security teams: You're researching companies with cloud infrastructure (AWS-heavy orgs, cloud-native companies), finding their security leaders on LinkedIn, and sending personalized messages about runtime visibility gaps. You're booking 8-12 discovery calls per week. Most don't respond.
- Running technical discovery calls: You're asking about their current CNAPP setup, alert volume, investigation workflow, and cloud architecture. You need to qualify whether they have enough cloud complexity to justify your platform. Half of your calls end with "we're not looking right now."
- Managing POCs: You're coordinating 30-day trials where prospects connect their cloud environment. You're checking in on findings, helping them interpret alerts, and hoping they see enough value before the trial expires. POCs often stall because their team is too busy to actually use the tool.
- Navigating security buying processes: You're dealing with security engineers who love the product but need CISO approval, procurement processes that take 6 weeks, and budget cycles that push deals to next quarter. You're on a lot of "check-in" calls where nothing moves forward.
The Honest Reality
What's Hard
- Crowded, noisy market: Every security vendor claims AI-powered threat detection. You're fighting through skepticism and "we already have that" objections constantly. Differentiation is hard when prospects are overwhelmed.
- Long, unpredictable sales cycles: Security teams move slowly. POCs take 30+ days, then you wait for security reviews, then procurement, then legal. Deals you think are closing in Q1 slip to Q2 or Q3. Your forecast is constantly changing.
- You're building pipeline yourself: No SDR support means you're spending 40% of your time on activities that don't directly close business - list building, cold outreach, following up with no-shows. It's repetitive and most prospects ignore you.
- Technical credibility required: You're selling to security engineers and CISOs who know more about cloud security than you do. You need to learn CNAPP architecture, runtime vs static analysis, Kubernetes security, and how to talk about their threat landscape credibly.
What Success Looks Like
- Closing 6-8 deals per quarter in the $50K-150K range
- Maintaining 3-4x pipeline coverage (you need $2-3M in pipeline to hit $600-800K quota)
- Converting 20-25% of POCs to closed-won (most fail because prospects are too busy or don't have budget)
- Building enough early pipeline that you're not scrambling at end of quarter
Who You're Selling To
Primary Buyers:
- CISOs and VP Security (final decision-maker, budget owner)
- Security Engineers / Cloud Security Architects (technical evaluators, POC users)
- Sometimes SecOps or DevSecOps teams (users of the platform)
What They Care About:
- Reducing alert fatigue: They're drowning in false positives from current tools. They want fewer, more accurate alerts.
- Faster incident investigation: When something goes wrong, can they figure out what happened quickly? Runtime context helps here.
- Consolidation: They have too many security tools. Will this replace something or is it another thing to manage?
- Proof: Security teams are skeptical. They need to see it work in their environment during a POC.
- Integration with existing stack: Does it work with their SIEM, ticketing system, cloud provider APIs?
Requirements
- 3+ years selling B2B software, ideally security or infrastructure products (they need someone who can navigate technical buyers)
- Experience with full-cycle sales where you built your own pipeline (no SDR support means you need to be comfortable prospecting)
- Comfortable with technical conversations - you should understand cloud architecture, APIs, security concepts at a high level
- Track record of hitting quota in a competitive market (security space is crowded, lots of vendors fighting for same budget)
- Hunter mentality - this is outbound-heavy, early-stage, and you'll face a lot of rejection