Bridging the Cybersecurity Skills Gap: Insights from Kip Boyle
The missing mid-tier workers and the real meaning of entry level.
In a world where not all cyber job postings are backed by real intent to hire, Kip Boyle has studied and now describes a practical formula for landing roles. This article distills his advice for cybersecurity students in Washington's technical and community colleges.
This fall, while attending Secure World Seattle, we met Kip Boyle, CEO of Cyber Risk Opportunities LLC. He kindly interviewed with us to explore the evolving landscape of cybersecurity careers and education. Kip’s experience as a hiring manager, consultant, and advocate for workforce development offers crucial insights for educators, students, and professionals navigating the field.
Navigating the Cybersecurity Job Market
Kip’s conversation with our team delved into the complex realities of cybersecurity hiring—especially for community college students and career-changers.
The “Missing Middle” in Training
While many college programs focus on technical roles like SOC analysts, there is a growing demand for professionals in governance, risk, and compliance (GRC). Kip emphasized that experienced IT workers could quickly be upskilled in these specialty areas to fill this gap in mid-tiered cybersecurity jobs. Community colleges should be key providers of this training by offering targeted short-term credentials and employer-aligned training, scheduled on nights and weekends with virtual attendance options for working professionals.
The Hiring Reality Check
Kip provided a nuanced perspective on the often-cited cybersecurity talent shortage, challenging the assumption that every job posting represents a genuine opportunity. While job listings abound, he noted that some companies advertise positions merely to project an image of growth or to passively scan the talent pool—a practice that often leaves qualified candidates disillusioned.
This dynamic is further complicated by the rise of Artificial Intelligence (AI) in the hiring process. When applicants use AI to generate polished resumes and cover letters, the value of these documents disappears. AI can make anyone appear qualified, regardless of actual talent. Furthermore, hiring managers are flooded with too many applications as job seekers increasingly use automation to apply en masse. Employers respond by using AI filtration tools to search through applications and identify those worth interviewing. This new layer of abstraction between the applicant and the opportunity makes professional networking much more strategic and critical these days.
Kip also challenged the notion of an “entry-level cybersecurity role.” Genuine cybersecurity jobs require at least some prior IT experience.
“It’s like wanting an entry-level job as a 747 pilot,” he said. “You need time in smaller cockpits first.”
Kip recommends that beginners consider starting in IT roles as a strategic launchpad into cybersecurity, gaining foundational experience that hiring managers value.
How to Stand Out
With AI leveling the playing field for resumes and cover letters, Kip urged job seekers to “learn in public.”
“Show what you’ve been doing. Build a portfolio. Hiring managers need to see that you’re a problem solver. Let your technical curiosity shine through in projects you post on GitHub.”
He also highlighted the importance of demonstrating a curious, proactive mindset within an organization. “Those in IT roles should show a thirst for learning and invest in professional networking internally. Find out who’s in cyber and take them to coffee.”
Kip shared that, as a manager, he often looked for trainable talent within existing teams—a practice he wishes was more widespread.
Advice for Educators and Workforce Developers
Kip stressed the importance of building direct relationships with employers. “Have a robust advisory panel that includes hiring managers. Ask them what traits and skills they seek, and align your training accordingly.”
He also pointed to the growing role of apprenticeships and work-based learning models, which combine classroom instruction with on-the-job experience. As AI automates more repetitive tasks, the cyber professional’s role will increasingly emphasize oversight, strategy, and human skills—making adaptable, communication-focused training essential.
Kip’s Contributions to the Field
Beyond his consulting work, Kip is committed to broadening access to cybersecurity careers. He offers a Udemy course called “Irresistible: How to Land Your Dream Cybersecurity Position,” based on interviews with hiring managers. “I created this course to help people. It gives them an accurate picture of what employers really want.”
He is also the author of “Fire Doesn’t Innovate,” a book that helps business leaders understand cyber risk through the lens of operational resilience. In it, he argues that every modern company is a tech company—and that cybersecurity must be treated as a core business function, not just an IT expense.
- Udemy course: https://www.udemy.com/course/irresistible-cybersecurity/?couponCode=CP250105G1
- Book: https://www.amazon.com/Fire-Doesnt-Innovate-Executives-Practical-ebook/dp/B0F89NG63B
- Podcast: https://cr-map.com/podcast/
The WA Cybersecurity Center of Excellence continues to partner with industry leaders like Kip to shape responsive, relevant cybersecurity education across Washington’s community colleges.
Article prepared by Nichole Schmitt, Program Manager at the WA Cybersecurity Center of Excellence. To connect with our innovation hub, visit our contact page at: https://coecyber.io/contact.
