How Goldman Sachs Embraced the Public Cloud

Investment banks are embracing the public cloud. Goldman Sachs said last week that it’s moving its Marquee Platform (along with various other functions) to Amazon Web Services (AWS)… and it’s not the only one.

Various banks are eyeing external providers and building internal cloud teams to manage their moves. UBS, for example, hired Steven Jeffrey from pharmaceutical firm GSK as global head of its cloud office in October, and is promptly advertising multiple roles for cloud engineers familiar with Microsoft Azure. Cloud skills promise to be a very big deal in 2020.

As banks everywhere espouse the public cloud, however, the abilities of their existing technology staff can be found wanting. Current developers either need to supplement their abilities fast or to risk being superannuated by other people who come with a more updated toolbox.

Two Goldman vice presidents explained as much at last week’s Amazon Web Services (AWS) re:Invent event. Vicky Ledda, a VP in global investment research engineering, and Yun Zhang, a VP in the core engineering group, explained how they were charged with migrating the bank’s global investment research portal to the public cloud in a two-step process that involved the creation of a ‘research lite’ portal, followed by full migration sometime next year.  

“It’s about more than just learning about the Cloud and AWS,” Ledda said during the presentation. “As soon as you move to the cloud, the average developer will be responsible for a lot more than they used to be, from networking to security to operational support.”

This is a change to the previous state of affairs. Before their team began using the cloud, Ledda said, software developers had “the luxury of not having to worry about networks, or network security.” Someone else dealt with databases and networks; the developer’s role simply involved worrying about “Java or C++ code and if it works, perfect.”

But a public-cloud migration comes with different concerns. “A developer is looking at the whole account,” Ledda said. Developers are making decisions about virtual private clouds, what sits on public and private subnets, the control of ingress and egress, firewalls, and so on. 

“This has been quite challenging for everyone on the journey,” Ledda continued. “You need to pick up your textbook and to read about computer networking and Amazon menus.” Today’s developers control their own fates, she added: “Please polish your networking skills.” 

Goldman Sachs: Too Late to Amazon’s Services?

It helps, too, to have an understanding of the tools available through Amazon. Both Ledda and Zhang said Goldman adopted Amazon’s services too late. “We were only doing tools discovery and adoption at the last minute,” Zhang explained. “If we had invested in tooling that helped us do the migration and security monitoring early, that could have helped. My advice to everyone here is to invest in tooling early.”

Ultimately, Goldman did invest in Amazon tools… which it then had to modify. “A lot of AWS products come with inbuilt security capabilties, but in the financial industry they are likely not enough,” said Ledda. “You also need to customise the AWS product with additional tooling and processes.”

Although migrating to the public cloud might initially seem easy, it really isn’t, said the two Goldman VPs. “Our initial migration took 18 tries,” Ledda said. “I remember, it was a long night,” Zhang added.

A modified version of this article appeared in eFinancialCareers.