Open to opportunities

Ilya Shaposhnikov

@ilyashaposhnikov

Message

Security team leader specializing in offensive, application and IoT security.

Spain

Message

What I'm looking for

I am looking to lead and scale offensive and application security programs, mentor teams, deliver measurable vulnerability reduction, and work in collaborative, security-focused organizations that value research and technical excellence.

I am a security specialist and team leader with over nine years of hands-on experience in offensive security, application security and research. For the last six years I led Offensive (RedTeam), Application and Research security teams, implementing processes across large organizations.

I developed and deployed complete offensive testing and application security processes at companies with thousands to over a hundred thousand employees, and delivered B2B security services and education internally. I hold OSCP and OSEP certifications and a Master’s degree in Information Security.

My technical work includes penetration testing of TCP/IP and wireless networks, cloud systems, websites and mobile applications; I discovered 21 critical IoT vulnerabilities and produced widely read security articles and conference talks. I also developed tools for secrets discovery and pentest collaboration and authored public security projects.

I regularly speak at international InfoSec conferences (including BlackHat), run bug bounty research in my free time, and seek roles where I can lead offensive security programs, improve application security posture, and mentor technical teams while delivering measurable risk reduction.

Experience

Work history, roles, and key accomplishments

Security Team Leader

My.Games

Jan 2024 - Jan 2026 (2 years)

Led offensive security and application security functions, implemented end-to-end penetration testing and application security processes, and developed automated vulnerability processing and secrets-detection tooling that improved response workflows.

Application Security Penetration Testing AWS Security Mobile Security Vulnerability Management Secret Detection Digital Forensics

Penetration Tester

Amazon

Jan 2023 - Jan 2024 (1 year)

Provided offensive security services for internal teams, developed a novel pentest solution for proprietary service-to-service protocol, and led cross-team AppSec/pentest initiatives and internal training sessions.

Mobile Security Security Protocols

Security Research Team Lead

PAO Rostelecom

Jan 2019 - Jan 2023 (4 years)

Led a security research (RedTeam) group delivering IoT, SCADA, cloud and mobile penetration testing, created Hadoop security testing service, and led 20+ IoT testing projects with customer accolades.

IoT Security Cloud Security Vulnerability Research Team Leadership Network Penetration Incident Response

Security Analyst

PAO Rostelecom

Jul 2017 - Jan 2019 (1 year 6 months)

Pioneered IoT security research and integrated IoT testing processes into RedTeam operations while performing network, wireless and web penetration tests.

IoT Security Wireless Penetration Network Penetration Web Security Security Research Vulnerability Discovery Reporting

Offensive Security Expert

Compliance Control Ltd

Jul 2016 - Jul 2017 (1 year)

Conducted penetration testing engagements for payment systems covering external, internal and web application assessments as a hands-on offensive engineer.

Internal Network Testing Reporting Vulnerability Assessment

Education

Degrees, certifications, and relevant coursework

Bauman Moscow State Technical University

Master of Science, Information Security

2016 - 2022

Activities and societies: Captain of university information security CTF team “SFT0”; speaker at internal university conferences; recommended for PhD; helped develop a new educational program for information security specialists.

Master of Science in Information Security of Automated Systems; served as captain of the university information security CTF team and contributed to curriculum development.