
About
Tony St. Pierre
Senior Secure Web Application Engineer
Secure systems. Clear thinking. Work that holds up.
I'm Tony St. Pierre. I'm a senior secure web application engineer with more than two decades of experience building, shipping, fixing, and improving production software.
I care about the parts of engineering that show up when things get real: security, pressure, unclear requirements, aging code, changing teams, and systems that need to keep working after the easy part is over.
Working carefully matters.
I started in software because I liked building things. I stayed because I learned how much judgment the work actually takes.
A system can look clean on the surface and still be fragile underneath. A feature can ship and still leave behind risk. A codebase can move fast for a while and then become hard to understand, hard to change, and hard to trust.
That is the work I care about now.
My background is rooted in TypeScript, React, Next.js, secure web applications, API integration, performance, and long-term maintainability. I'm AWS Certified Solutions Architect – Professional, and I'm continuing to push deeper into cloud security, infrastructure patterns, and AI-agent workflows that keep human review where it belongs.
I'm not interested in novelty for its own sake. I'm interested in building things that are easier to reason about, harder to misuse, and more likely to survive real use.
Core Engineering Principles
These are the standards I keep coming back to.
- Secure Web Application Architecture
- Defensive Engineering & API Hardening
- Frontend Performance & Load Optimization
- Scalable Next.js & React Development
- Authentication & Authorization
- CI/CD Pipelines with Embedded Security
- Code Quality, OWASP Principles & Long-Term Maintainability
Tools & Practices
Tools change. The discipline matters more. These are the areas I work in and continue to sharpen.
- TypeScript, Next.js, React
- Node.js & API Integration
- AWS Cloud Architecture
- CI/CD Pipelines
- Web Application Security
- OWASP & API Security
- Secure Coding Practices & Code Review Discipline
- AI-Agent Workflows with Human Review
Security is not something I like to bolt on later. It belongs in the shape of the system from the beginning.
The goal is simple: build clearly, reduce avoidable risk, and leave the work better than I found it.