CV ATS — Elyer Gregorio Maldonado

ATS-Friendly CV — Elyer Gregorio Maldonado — Aligned with portfolio e-gregorio.github.io/mi-portafolio

Elyer Gregorio Maldonado

QA Tech Lead • Test Automation Architect • QA Tool Author

Buenos Aires, Argentina • Available for global remote • +54 11 7061-9954 • elyer.g.maldonado@gmail.com
linkedin.com/in/elyergregorio • e-gregorio.github.io/mi-portafolio • github.com/E-Gregorio

13+Years Exp.

12+QASL Tools

10QA Supervised

99.3%Health Score

1,300+AI Test Cases

100%E2E Pass Rate

Professional Summary

QA Tech Lead and Test Automation Architect with 13+ years of experience designing software quality ecosystems in government, fintech, healthtech and e-commerce sectors. Creator of the QASL ecosystem, a suite of 12+ proprietary tools implemented in production with documented results. Technical leader with direct supervision of 10 QA analysts in simultaneous enterprise projects. Specialist in Shift-Left Testing, AI/LLM Testing, Mobile Testing with AI, MLOps QA, Performance Testing and Security Testing. Methodologies aligned with ISTQB v4.0, IEEE 829/830 and ISO/IEC 25010. Author of the VCR Methodology (Value + Cost + Risk), proprietary automation decision algorithm adopted in production. What sets me apart: I don't just run tests — I build the systems others use to run them.

QASL·TOMEX v5.1: 3 coordinated AI agents (Claude/GPT-4/Gemini) — 100 issues detected in ~6 minutes automatically exploring paths on worldwide scope websites
99.3% Health Score in Staging environment — 413+ automated checks across multiple simultaneous enterprise systems
1,300+ test cases generated before development through static analysis with AI (40 gaps detected in 66 seconds with Claude API)
614+ test cases with Multi-LLM platform QASL NEXUS: 92.9 ILT Score · 100% E2E Pass Rate · 0 critical vulnerabilities
Dual-VM QA Infrastructure with 29 tools approved by Management, Servers and SOC — first ecosystem of this level in Argentine government agencies
QASL-MOBILE: only mobile framework with integrated AI (Claude Vision), SAST/DAST and New Relic + Grafana observability
55–60% reduction in critical defects in production · 40% increase in automated coverage
Supervision and technical mentorship of 10 QA analysts in simultaneous enterprise projects

Professional Experience

QA Tech Lead — Test Automation Architect

March 2024 – Present

EPIDATA Consulting • Government and enterprise sector • Multiple NDA clients • Buenos Aires • Hybrid

Technical leader of 10 QA analysts in multiple simultaneous enterprise projects: SMART objectives, technical mentorship and deliverable quality control
Design and implementation of the complete QASL ecosystem: 12+ proprietary tools in production (TOMEX, Certification Framework, MOBILE, NEXUS LLM, INGRID, MLOPS-LAYER, SENTINEL, BACKEND-LIVE, MTP)
Dual-VM QA Infrastructure with 29 tools on RHEL 10, approved by Management, Servers and SOC; 5 Docker containers orchestrated with Grafana, Prometheus and InfluxDB
Shift-Left static testing: 1,300+ test cases generated before first code; 40 gaps detected in 66 seconds through HU analysis with Claude API
Proprietary Fullstack Scanner methodology: simultaneous UI and API validation with real-time Dual Panel; 99.3% Health Score with 413+ automated checks
Complete CI/CD Pipeline GitLab Runner Docker: stages INFO → E2E → API → NOTIFY → DEPLOY with automatic PASS/FAIL notifications
Performance Testing: Stress 200–1,000+ VUs and Soak 1–4h with K6 and JMeter; p50/p90/p99 metrics; race conditions and memory leaks detection
Security Testing: OWASP ZAP (SQLi, XSS, CSRF, LFI), MobSF SAST for APKs, Garak/NVIDIA NeMo with OWASP LLM Top 10 2025
Mobile Testing with AI: Maestro for Android/iOS, Claude Vision for autonomous UX/UI analysis, real-time New Relic + Grafana observability
55–60% reduction in critical defects · 40% increase in automated coverage

Stack: Playwright 1.50, TypeScript, Newman, K6, JMeter, Gatling, OWASP ZAP, Garak, MobSF, Maestro, GitLab CI/CD, GitLab Runner Docker, GitHub Actions, Docker, Docker Compose, React 18, Vite, PocketBase, Claude API, GPT-4, Gemini, Grafana, Prometheus, InfluxDB, Loki, New Relic, Allure, PostgreSQL 16, Node.js, Python, JIRA, Xray, RHEL 10

QA Automation Engineer

August 2020 – December 2024

UPEX • E-commerce • Fintech (PCI-DSS, ISO 8583) • Healthtech (HIPAA) • Remote

30% reduction in regression execution time with Playwright and TypeScript (Page Object Model, parallel execution)
40% increase in automated test coverage: regression, smoke, sanity and contract testing
55% reduction in critical defects in production
Performance Testing with JMeter and K6; Security Testing with OWASP ZAP in critical flows (authentication, payments, PCI-DSS, HIPAA)
CI/CD with GitHub Actions · Training of 15+ professionals in QA Automation and testing best practices

Stack: Playwright, TypeScript, Newman, Postman, JMeter, K6, OWASP ZAP, GitHub Actions, Docker, Allure, JIRA, TestRail

Project Manager / QA Lead

April 2013 – May 2020

STOP MEDICAL ESTENDELY • Healthcare sector • HIS Systems • Caracas, Venezuela • On-site

Successful HIS implementation in 5 medical centers with no critical incidents in production
65% reduction in data migration errors · Coordination of teams up to 8 professionals · HIPAA compliance

QASL Ecosystem — 12+ Proprietary Tools

QASL·TOMEX v5.1 "The Tomograph" — Flagship 2026

Autonomous Multi-Agent QA Security Scanner · 3 AI Agents · 70 seconds

First autonomous QA audit system with Claude/Director, GPT-4/Veins and Gemini/Surface coordinated. Scans any URL in 3 dimensions: UI, APIs and code. Automatic Path Discovery of hidden routes, Data Exposure Scanner, autonomous Frontend Interactor. PDF report with vulnerabilities by code line in 70 seconds. Real-time Grafana dashboard.

Stack: Claude API, GPT-4, Gemini, Playwright, Grafana, TypeScript, Docker, Node.js

QASL-MOBILE — Shift-Left Mobile Testing with AI Validation

Only mobile framework with integrated AI · SAST/DAST · New Relic 5 pages · Real-time Grafana

Android/iOS automation with Maestro, APK static analysis with MobSF (SAST), dynamic security with OWASP ZAP mobile APIs, autonomous UX/UI analysis with Claude Vision. New Relic dashboard 5 executive pages and real-time Grafana. Health Score with 4 weighted components.

Stack: Maestro, MobSF, OWASP ZAP, Claude Vision, New Relic, Grafana, InfluxDB, Newman, Docker, ADB, Android SDK

QASL NEXUS LLM — Multi-LLM QA Platform

12 Microservices · 614+ TCs · 92.9 ILT Score · 100% E2E Pass Rate · 0 critical vulnerabilities

First QA platform with multiple LLMs. 12 microservices integrating Claude Opus/Sonnet, GPT-4 and Gemini 2.5 Pro. Proprietary VCR Decision Engine. MCP integration with Jira, Xray, TestRail and Azure DevOps.

Stack: TypeScript, Claude API, GPT-4, Gemini, PostgreSQL 16, Docker, MCP, K6, OWASP ZAP, Garak, Grafana

INGRID v2.0 — AI Assistant + LLM Testing Framework

LLM-as-Judge · Red-Teaming · OWASP LLM Top 10 2025 · NIST AI RMF

Framework for LLM systems testing with multi-dimensional evaluation: relevance, precision, coherence, completeness and hallucination detection. Red-Teaming with Garak/NVIDIA NeMo: prompt injection, jailbreak, PII leakage.

Stack: TypeScript, Claude API, Garak, Python, Grafana, Prometheus, Docker

QASL-BACKEND-LIVE-SCANNER — Integration Discovery Engine

Health Score 0–100 · Release Verdict · 30 Grafana panels · Production 2026

Analyzes E2E HAR files and automatically discovers cross-system integrations. Generates Health Score + Verdict: APPROVED / OBSERVATIONS / HIGH RISK. 12 Express.js API Endpoints with Infinity Datasource for live Grafana.

Stack: Node.js, Playwright HAR, Grafana, Express.js, Docker, SVG Animations

QASL-SENTINEL-UNIFIED — QA Command Center

Monitor · 55 Grafana panels · DEFCON System DC-1 to DC-5

Unified command center. Dual monitoring Backend APIs (Prometheus) + Frontend DOM (Playwright + InfluxDB). 55 Grafana panels in 8 sections. DEFCON system (DC-1 critical → DC-5 nominal).

Stack: Node.js, TypeScript, Playwright, Claude API, Grafana, Prometheus, InfluxDB, PDFKit, OWASP ZAP

Dual-VM QA Infrastructure — 29 Tools

Design, proposal and deployment of complete architecture approved by Management, Server Department and SOC (government NDA client). First ecosystem of this level in Argentine government agencies. 5 orchestrated Docker containers: Grafana, Prometheus, InfluxDB, Node Exporter, MobSF.

Automation VM — 4 vCPUs, 7.5 GiB RAM, RHEL 10.1, 12 tools: Playwright 1.50, TypeScript, Newman, Allure, GitLab Runner CI/CD, Docker
Performance and Security VM — 8 vCPUs, 15 GiB RAM, RHEL 10.1, 17 tools: K6, JMeter, OWASP ZAP, Garak, MobSF, Grafana, Prometheus, InfluxDB

Technical Stack

E2E Automation

Playwright 1.50, TypeScript, Page Object Model, Fixtures, Parallel Execution, Allure Reports

API Testing

Newman, Postman Collections, REST, SOAP, Contract Testing, automatic HTML reports

Performance Testing

K6, JMeter, Gatling — Stress 1,000+ VUs, Load Testing, Soak 1–4h, p50/p90/p99 metrics

Security Testing

OWASP ZAP, MobSF (mobile SAST/DAST), Garak (NVIDIA NeMo), OWASP Top 10, SQLi, XSS, CSRF, LFI

AI / LLM Testing

Claude API, GPT-4, Gemini 2.5 Pro, Garak Red-Teaming, LLM-as-Judge, OWASP LLM Top 10 2025

Mobile Testing

Maestro (Android/iOS), MobSF SAST/DAST, OWASP ZAP mobile APIs, Claude Vision (UX/UI), ADB

Observability

Grafana, Prometheus, InfluxDB, Loki, New Relic, executive dashboards, mobile PWA, dynamic PDF

CI/CD & DevOps

GitLab CI/CD, GitLab Runner Docker, GitHub Actions, Docker, Docker Compose, RHEL 10

VCR Methodology (proprietary)

V+C+R for automation decision: VCR ≥9 → automate · VCR <9 → manual

Certifications

Playwright Certification — UPEX

2023 · Obtained

API Testing Certification — UPEX

2024 · Obtained

Claude Code in Action — Anthropic Academy

2025 · 87.5%

ISTQB Foundation Level v4.0

In progress

Languages

Spanish — Native

English — Advanced technical reading and writing. Functional oral communication.