mrunalsp09@gmail.com | LinkedIn | GitHub | QA Site
Senior QA Engineer and SDET with close to 5 years across SaaS, WordPress, AI-powered workflows, and government digital platforms. Strong in manual QA, Playwright automation, API validation, OWASP-aligned security testing, CI/CD quality gates, and release ownership.
Career proof: 500+ manual test cases, 200+ Playwright automation cases, 95%+ release stability, 35% regression-cycle reduction, 15+ critical security vulnerabilities identified, and QA ownership across 10+ products.
| Area | Proof |
|---|---|
| Manual QA | Designed/executed 500+ cases across functional, regression, UI, exploratory, cross-browser, and mobile testing |
| Automation/SDET | Built Playwright E2E suites with POM, parallel execution, CI/CD gates, Docker, fixtures, and reports |
| Security QA | Tested OWASP Top 10 risks including SQLi, XSS, IDOR, broken auth, API access-control issues |
| API Testing | Validated REST APIs with Postman across auth, payloads, errors, and integration contracts |
| AI Testing | Tested ZipWP AI builder, SureTriggers automation workflows, SureForms AI generation, SureWriter-style writing flows, prompt/response behaviour, hallucination risk, and agent workflow validation |
| Release Ownership | Owned QA strategy and sign-off for SaaS/WordPress releases with zero critical escapes on SureForms launch |
| Project | Type | Evidence | Focus Areas |
|---|---|---|---|
| SureForms Plugin Test Suite | WordPress Plugin + Playwright | 181 cases designed | SureForms, Business version, POM, Docker, smoke, validation, WIP execution evidence |
| E-Commerce QA | Web + Mobile Manual QA | 35 cases / 12 defects | WooCommerce, cart, checkout, coupons, responsive UX |
| WordPress Astra QA | WordPress Theme QA | 30 cases / 10 defects | Astra, Starter Templates, regression, responsive UI, data integrity |
| AI Application QA | AI/SaaS QA | 32 cases / 11 defects | Prompt validation, prompt injection, hallucination risk, output filtering, file upload, session/state, usability |
| Playwright Automation Framework | SDET Framework | 200+ automation cases | Login flows, form submissions, API mocking, cross-browser, GitHub Actions, Allure |
| OWASP Security Testing Checklist | Security QA | 15+ critical issues found | SQLi, XSS, IDOR, broken auth, API vulnerability checks, remediation notes |
| Category | Skills |
|---|---|
| Manual Testing | Test planning, test case design, execution, regression, exploratory, UI/UX, smoke, UAT, RTM, QA sign-off |
| Automation/SDET | Playwright, JavaScript, TypeScript, Page Object Model, parallel execution, fixtures, GitHub Actions, Docker, Allure |
| API Testing | Postman, REST APIs, auth validation, request/response testing, contract checks, integration flow validation |
| Security QA | OWASP Top 10, SQL Injection, XSS, IDOR, broken authentication, API vulnerability assessment, Burp Suite basics |
| AI QA | Prompt/response validation, hallucination-risk testing, state/session testing, AI agent workflow validation |
| Tools/Platforms | Jira, OpenForge, Git, GitHub, Figma, Zephyr Scale, TestRail basics, WordPress, Android testing, SaaS platforms |
Nov 2022 – Mar 2026 · Pune, India
Products: Astra, Starter Templates, Spectra, CartFlows, ZipWP, SureTriggers, SureForms, SureRank, SureMail, SureWriter.
- Designed and executed 500+ manual cases across 10 SaaS/WordPress products.
- Built Playwright automation suite covering 200+ cases, cutting regression from 3 days to under 8 hours.
- Integrated Playwright into GitHub Actions quality gates, improving release cadence by ~20%.
- Owned QA strategy and release sign-off for ZipWP, SureTriggers, and SureForms launch workflows.
- Tested AI-powered SaaS workflows including ZipWP website generation, SureTriggers automation chains, SureForms AI form generation, and SureWriter writing-assistant flows.
Oct 2021 – Nov 2022 · Delhi, India
Platforms: DigiLocker, SancharSaathi, API Setu, MeriPehchaan, OpenForge, Poshan Tracker, UMANG.
- Executed OWASP Top 10-aligned testing across 7 government platforms.
- Identified 15+ critical vulnerabilities affecting SQLi, XSS, IDOR, and access-control risks.
- Tested REST APIs for auth flaws, injection risks, payload handling, and access-control gaps.
- Validated security fixes through regression before release cycles.
- ISTQB Foundation Level (CTFL) — In Progress
- Playwright Automation Professional Certificate — LambdaTest / Test Automation University, 2024
- Ethical Hacking Introduction — EC-Council / Coursera, 2022
- UX Design Foundations — Google / Coursera, 2023
- MCA — Pimpri Chinchwad College of Engineering, Pune
- B.Sc Computer Science — Moolji Jaitha College, Jalgaon
- LinkedIn: linkedin.com/in/mrunalpatil23
- Email: mrunalsp09@gmail.com
- QA site: mruunalll.github.io/qa-agent-os
- QA evidence projects: github.com/Mruunalll