Skip to content
Skip to content
finalbossqafinalbossqa
Get early accessSign in
Free · Read without signing up

QA CareerNavigation Map

A practical navigation map for the QA engineering career path — based on what actually works today, not a decade ago. Use it to orient yourself, not as a rigid prescription.

What this is — and isn't

This is a free, informational career navigation map — not a course catalogue. It shows the full QA learning path so you can orient yourself regardless of how you learn.

I currently teach phases 1–5 (the core path) only. The advanced tracks are included as guidance and point to external resources — they are not courses or services I provide.

Phases:
8 phases (5 core + 3 advanced)
Requirements:
No degree needed
Coverage:
AI-era skills included
Schedule:
Works alongside a full-time job

5 core phases · 3 advanced tracks

Roadmap phases

Path
Topic
8 phases
Core Path
Core pathBeginner1–2 weeks

QA Foundations

Understand what QA is, where it fits in the software lifecycle, and develop the tester mindset.

  • What QA actually is (and isn't)
  • The tester mindset — finding bugs others miss
  • Types of testing: manual, automated, exploratory
  • +3 more…

All skills

  • What QA actually is (and isn't)
  • The tester mindset — finding bugs others miss
  • Types of testing: manual, automated, exploratory
  • SDLC and where QA fits in Agile sprints
  • The 7 principles of software testing
  • Risk-based thinking: what to test first and why

Tools

Confluence / Notion (docs)Jira (issue tracking concepts)

Deliverables

  • Written breakdown of SDLC phases in your own words
  • 10 questions a tester should ask before testing any feature

Done when…

  • Can explain the difference between verification and validation
  • Can describe where QA fits in an Agile sprint
  • Understands the 7 principles of testing (ISTQB Foundation)

What you'll be able to do

  • Explain what QA does to a non-technical stakeholder
  • Identify risk areas in a feature specification
  • Participate meaningfully in sprint planning

Portfolio proof

Write a 'QA onboarding guide' for a fictional project — what you'd ask, what you'd test first, and why.

Core pathBeginner2–3 weeks

Manual Testing

Master test design techniques and write bug reports that developers act on immediately.

  • Writing test cases and test plans
  • Equivalence partitioning & boundary value analysis
  • Decision table and state transition testing
  • +3 more…

All skills

  • Writing test cases and test plans
  • Equivalence partitioning & boundary value analysis
  • Decision table and state transition testing
  • Exploratory testing with session-based charters
  • Bug reporting: steps to reproduce, severity, impact
  • Regression, smoke, and sanity testing

Tools

TestRail or Xray (test management)Jira (bug tracking)Browser DevTools (console + network)

Deliverables

  • Full test plan for a simple e-commerce checkout flow
  • 5 high-quality bug reports with screenshots and reproduction steps

Done when…

  • Can apply equivalence partitioning to any input field
  • Writes bug reports that require zero developer clarification
  • Can design a test suite from a requirements document

What you'll be able to do

  • Design a complete test suite from scratch
  • Write a bug report that gets fixed the same sprint
  • Run a structured exploratory testing session

Portfolio proof

Test a real open-source web app, write 3 production-quality bug reports, and submit them as GitHub issues.

Core pathIntermediate2–3 weeks

API & Data Validation

Test REST APIs confidently, validate data integrity, and debug state mismatches between layers.

  • REST fundamentals: methods, status codes, headers
  • Request/response inspection and schema validation
  • Authentication testing (JWT, OAuth, API keys)
  • +3 more…

All skills

  • REST fundamentals: methods, status codes, headers
  • Request/response inspection and schema validation
  • Authentication testing (JWT, OAuth, API keys)
  • Data state debugging — UI vs API vs DB mismatches
  • Contract testing concepts
  • Writing API test collections with assertions

Tools

Postman or Bruno (API client)Browser DevTools — Network tabJSON Schema tools

Deliverables

  • Postman collection with 20+ tests for a public REST API
  • Bug report for a data integrity issue found via API vs UI mismatch

Done when…

  • Can test any REST endpoint without a frontend
  • Can identify data discrepancies between API and UI
  • Understands what 401, 403, 422, 500 mean and how to test each

What you'll be able to do

  • Test APIs end-to-end without relying on a UI
  • Write shareable API test collections for the whole team
  • Debug frontend bugs by tracing them to their API source

Portfolio proof

Build a Postman collection testing a real public API (GitHub, Stripe, etc.) with environment variables, assertions, and edge case coverage.

Core pathBeginner1–2 weeks

AI-Assisted QA Workflows

Use AI tools to accelerate test design and risk analysis — without writing a single line of automation code.

  • Prompt writing for thorough test scenario generation
  • AI-assisted risk analysis from requirement specs
  • Reviewing and validating AI-generated test cases
  • +3 more…

All skills

  • Prompt writing for thorough test scenario generation
  • AI-assisted risk analysis from requirement specs
  • Reviewing and validating AI-generated test cases
  • Identifying AI hallucination in generated content
  • Human-in-the-loop governance: when to trust, when to verify
  • AI tools for exploratory testing session planning

Tools

Claude / ChatGPT (test ideation)GitHub Copilot (code review assistance)AI-enhanced Jira / Linear

Deliverables

  • Documented AI-assisted test design workflow with a human review checklist
  • Before/after: manual vs AI-assisted test ideation — speed and quality compared

Done when…

  • Can generate a full test plan from a spec using AI, then critically review it
  • Has a repeatable process for when to trust vs verify AI output
  • Can identify at least 3 hallucination patterns in AI-generated test cases

What you'll be able to do

  • Use AI to 5× test ideation speed without sacrificing quality
  • Critically evaluate AI output before it reaches the team
  • Build a human+AI review workflow others can follow

Portfolio proof

Document your AI-assisted test planning workflow with real before/after examples and a governance checklist you'd hand to a new tester.

Core pathBeginnerOngoing

Portfolio & First Job

Land your first QA role with a portfolio that demonstrates real skill — not just course certificates.

  • QA portfolio structure — what to include and what to cut
  • CV writing for QA roles: measurable impact over duties
  • Technical interview preparation: live testing scenarios
  • +2 more…

All skills

  • QA portfolio structure — what to include and what to cut
  • CV writing for QA roles: measurable impact over duties
  • Technical interview preparation: live testing scenarios
  • Take-home QA task execution under time pressure
  • Salary research and negotiation preparation

Tools

GitHub (portfolio host)LinkedInGlassdoor / LinkedIn Salary (market research)

Deliverables

  • 3 portfolio pieces: real bug reports, API collection, test plan
  • QA-specific CV with at least 2 measurable achievements
  • 5 interview answers rehearsed and recorded

Done when…

  • Portfolio reviewed by at least one working QA engineer
  • Can complete a typical take-home QA task in under 3 hours
  • Has applied to at least 10 roles with tailored applications

What you'll be able to do

  • Present your work confidently in a technical interview
  • Complete any typical QA take-home test under time pressure
  • Negotiate salary using current market data

Portfolio proof

A GitHub profile with pinned repos covering core phases: bug reports, API collection, test plan, and AI workflow documentation.

Advanced Tracks — not taught by me
Advanced trackIntermediate5–7 weeks

AI-Powered QA & CI Quality Gates

Build an AI-assisted QA workflow and integrate it into CI/CD with quality gates.

Not covered in my courses — this section links to external resources only.

  • Prompt engineering for test case generation
  • Using AI to identify edge cases and coverage gaps
  • AI-assisted bug report writing and triage
  • +4 more…

All skills

  • Prompt engineering for test case generation
  • Using AI to identify edge cases and coverage gaps
  • AI-assisted bug report writing and triage
  • Test isolation and independent state management
  • GitHub Actions / GitLab CI YAML configuration
  • AI-assisted flake detection and root cause analysis
  • Blocking deployments on test failure (quality gates)

Tools

ChatGPT / ClaudeGitHub CopilotVS Code + AI extensionsGitHub ActionsAI test generation tools

Deliverables

  • AI-generated test suite for a login + checkout flow
  • GitHub Actions workflow running tests on every PR with merge blocking
  • AI-assisted flake analysis report: identified, root-caused, and fixed

Done when…

  • Tests pass reliably 3 times in a row without modification
  • AI prompts are documented and reusable across test files
  • CI pipeline blocks merge on test failure

What you'll be able to do

  • Build an AI-assisted test suite from scratch
  • Set up a full CI pipeline with quality gates
  • Use AI to debug and explain test failures clearly

Portfolio proof

AI-assisted QA project on GitHub with a green CI badge, merge-blocking on failure, and a README explaining your AI workflow decisions.

Advanced trackAdvanced2–3 weeks

A11y, Performance & Security

Add specialist depth: WCAG 2.2 audits, Core Web Vitals testing, and OWASP security testing basics.

Not covered in my courses — this section links to external resources only.

  • WCAG 2.2 — the 4 principles and key success criteria
  • Automated a11y testing with axe-core and Playwright-axe
  • Core Web Vitals: LCP, INP, CLS — measurement and budgets
  • +2 more…

All skills

  • WCAG 2.2 — the 4 principles and key success criteria
  • Automated a11y testing with axe-core and Playwright-axe
  • Core Web Vitals: LCP, INP, CLS — measurement and budgets
  • OWASP WSTG basics: XSS, IDOR, auth bypass patterns
  • Security testing mindset — adversarial thinking

Tools

axe DevTools (browser ext)Lighthouse CIOWASP ZAP (passive scan)WebPageTest

Deliverables

  • Accessibility audit for a real website with WCAG 2.2 success criteria references
  • Lighthouse CI integration blocking PRs on performance regression

Done when…

  • Can run a full WCAG 2.2 audit and prioritise findings by impact
  • Can explain LCP, INP, CLS and name specific improvements for each
  • Can identify at least 3 OWASP Top 10 risks in a test scenario

What you'll be able to do

  • Audit any web app for accessibility compliance and prioritise findings
  • Set performance budgets and alert the team on regression
  • Identify common security testing gaps in an existing QA plan

Portfolio proof

Publish an accessibility + performance audit of an open-source project as a GitHub issue or blog post with prioritised, actionable recommendations.

Advanced trackAdvanced2–3 weeks

AI Risk & Governance Testing

Test AI-powered products for safety, reliability, and compliance — covering LLM-specific risk classes and governance frameworks.

Not covered in my courses — this section links to external resources only.

  • OWASP LLM Top 10: prompt injection, insecure output, overreliance
  • Testing for hallucination, toxicity, and bias in AI outputs
  • Human-in-the-loop (HITL) coverage design
  • +3 more…

All skills

  • OWASP LLM Top 10: prompt injection, insecure output, overreliance
  • Testing for hallucination, toxicity, and bias in AI outputs
  • Human-in-the-loop (HITL) coverage design
  • AI governance frameworks: ISO 42001, NIST AI RMF basics
  • Adversarial prompt testing and red-teaming concepts
  • AI incident reporting and risk documentation

Tools

OWASP LLM Top 10 checklistGarak (LLM probe tool)Custom adversarial prompt libraries

Deliverables

  • AI risk test plan for a fictional LLM-powered product
  • Documented red-team findings with risk ratings and mitigations

Done when…

  • Can name and test for all OWASP LLM Top 10 risk categories
  • Can write an adversarial prompt that exposes a real AI vulnerability
  • Understands HITL requirements and can design test coverage for them

What you'll be able to do

  • Test any AI-powered feature against LLM Top 10 risk categories
  • Write an AI test plan that satisfies basic governance requirements
  • Present AI risk findings clearly to product and legal stakeholders

Portfolio proof

A public AI risk test plan + findings report for an open-source LLM-powered tool, mapped to OWASP LLM Top 10 with prioritised mitigations.

1

Next checkpoint

QA Foundations

Core

Common questions

No. QA is one of the best entry points into tech because it's more about analytical thinking than coding. Many QA engineers come from completely unrelated fields.

It varies significantly by background, availability, and market. The core path gives you the skills; job timelines depend on factors outside any course's control — location, competition, and how you present your work. Focus on building a genuine portfolio rather than optimising for a specific timeline.

No. Senior QA, QA Lead, SDET, and QA Manager are all real progression paths. AI and testing skills are in very high demand and open doors into engineering roles.

QA salaries vary widely by location, company type, and specialisation. Rather than quoting numbers that go stale, I'd recommend checking Glassdoor, LinkedIn Salary, and Levels.fyi filtered to your target market for current data. Automation and AI-risk skills generally command higher rates than manual-only roles.

Get the roadmap summary + course updates

I'll send you a condensed 1-page version of this map — useful as a quick reference — plus early access when the core-path course launches.

Ready to go deeper?

Join the waitlist for the full QA Core Path course →