Skip to content
View Shurtug4l's full-sized avatar

Block or report Shurtug4l

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Shurtug4l/README.md

Simone La Porta

Analyst · Data & AI Ethics @ Deloitte Advisory
ISO/IEC 42001 Lead Auditor · Cybersecurity Specialist

Rotating titles

$ whoami
────────────────────────────────────────────────────────────────────────
 ROLE    Analyst · Data & AI Ethics @ Deloitte Advisory (Milan)
 WORK    agentic AI development: GenAI platform guardrails ·
         multi-agent codebase review · trustworthy AI · cybersecurity
 GOAL    LLM and agentic systems, secure by design
 CERTS   ISO/IEC 42001 Lead Auditor · Cybersecurity Specialist (EPICODE)
 EDU     MSc Astrophysics & Cosmology · University of Bologna
 NOW     AI Solutions Architect master @ ProfessionAI
         00-07 delivered · 08-10 planned
────────────────────────────────────────────────────────────────────────

About

My work at Deloitte has been shifting from assessing AI systems to building them. Today I develop agentic AI solutions on a proprietary GenAI platform, where I designed the risk methodology and the guardrails applied to every agent and app it ships, and I co-develop a multi-agent system that reviews agentic codebases by combining static analysis with LLM-based evaluation of governance, compliance and risk. The rest of my time goes to trustworthy-AI implementation (EU AI Act, ISO/IEC 42001, NIST AI RMF) and cybersecurity: risk assessments, security policies, access audits, awareness campaigns.

Astrophysicist by education (MSc, University of Bologna), I came to AI through ML research on gravitational lensing, with a thesis on automatic differentiation (PyTorch / TensorFlow). I co-authored HH4AI, a methodological framework for AI Human Rights Impact Assessment under the EU AI Act (LSAI 2025, Pisa). Off the keyboard, the mountains: ski mountaineering, alpinism, trail running.

Featured work

Type-safe LLM vulnerability triage on Pydantic AI + a custom MCP server. Ten typed tools (NVD · OSV · CISA KEV · EPSS · Exploit-DB · MITRE ATT&CK · SBOM · Nmap) ground every answer into a validated TriageReport with a deterministic SSVC verdict. Build it, then threat-model it: MITRE ATLAS red-team battery, OWASP LLM Top 10 + ISO 42001 mapping, reproducible scorecard (resistance · retrieval MRR · cost / latency · calibration).

Live demo — keyless, replays real captured triages across the full SSVC ladder, with a scorecard.

One hands-on project per master module: RAG for a company knowledge base, two agentic capstones, multi-cloud architecture, ML deployment. Modules 00-07 delivered, 08-10 planned; full progress log in the repo README.

MSc thesis code grown into a PyTorch toolkit for parametric strong, weak and microlensing, extended with deep-learning and LLM-assisted case studies.

Stack

agentic          LangGraph · LangChain · Pydantic AI · MCP · n8n
llm / rag        OpenAI / Azure / Anthropic APIs · Hugging Face Transformers
                 sentence-transformers · LiteLLM · ChromaDB · FAISS · BM25 hybrid · Ollama
engineering      Python · FastAPI · Flask · Docker · pytest · Git · GitHub Actions · Bash · SQL
ai-assisted dev  Claude Code (daily driver) · GitHub Copilot · agentic coding workflows
cloud / mlops    AWS SageMaker · Azure ML / OpenAI · Vertex AI (GCP)
ml / data        PyTorch · TensorFlow · scikit-learn · pandas · NumPy
ai security      OWASP LLM Top 10 · MITRE ATLAS · LLM red teaming · threat modeling
governance       EU AI Act · ISO/IEC 42001 · NIST AI RMF
vapt             Nmap · Metasploit · Burp Suite · SQLmap · Nessus · Wireshark · Splunk · Semgrep

Full CV, experience and education on LinkedIn.

Pinned Loading

  1. sec-recon-agent sec-recon-agent Public

    Type-safe LLM vulnerability triage on Pydantic AI + MCP. Ten typed tools (NVD, OSV, KEV, EPSS, Exploit-DB, ATT&CK, SBOM, Nmap) ground a validated TriageReport with a deterministic SSVC verdict. Red…

    Python

  2. AI_solutions_architect_course AI_solutions_architect_course Public

    AI Solutions Architect Master

    Jupyter Notebook

  3. CS0424IT CS0424IT Public

    Repository for my Cybersecurity Specialist course @ EPICODE -> CS0424IT.

    Python 1

  4. Applications-of-Automatic-Differentiation-in-Gravitational-Lensing Applications-of-Automatic-Differentiation-in-Gravitational-Lensing Public

    Simone La Porta's Master thesis in gravitational lensing with applications of automatic differentiation @ Alma Mater Studiorum - Università di Bologna

    TeX

  5. lensing lensing Public

    PyTorch toolkit for parametric strong, weak and microlensing — MSc thesis code (UNIBO 2024) extended with deep-learning, big-data and LLM-assisted case studies.

    Jupyter Notebook