AWS Splunk Engineer

MANTECH seeks a motivated, career and customer-oriented AWS Splunk Engineer to join our team in Virginia Beach, VA. This is a remote position.

We are seeking an experienced AWS Splunk Engineer to lead the design, implementation, and optimization of our enterprise-wide observability and security logging platform. In this role, you won't just "manage logs"—you will architect high-scale data pipelines that bridge AWS cloud-native services with Splunk’s predictive analytics. You will be responsible for automating our infrastructure via code (IaC), integrating AI/ML models for proactive threat detection, and optimizing data ingestion for cost-efficiency in a high-growth environment.

Responsibilities include but are not limited to:

• Design and maintain a resilient, multi-region Splunk environment on AWS (EC2/EKS) utilizing Splunk SmartStore and Federated Search to balance performance and storage costs

• Lead the integration of AWS-native logs (CloudTrail, VPC Flow Logs, Route 53, GuardDuty, and Security Hub) into Splunk using AWS Kinesis Firehose, Lambda, and SQS

• Develop and maintain infrastructure using Terraform/OpenTofu. Automate Splunk app deployments and configuration updates via CI/CD pipelines (GitHub Actions/GitLab)

• Conduct monthly "Data Hygiene" audits. Use Splunk DSP (Data Stream Processor) or to filter, mask, and route data, ensuring high-value logs are prioritized for indexing while reducing "dark data" costs

• Participate in Agile ceremonies as a member of a highly functioning Agile engineering team

• Ensure all logging pipelines meet Department of War/US Navy compliance requirement

Minimum Qualifications:

• Bachelor’s degree in computer science or other related STEM discipline; OR High School Diploma and 13+ years of relevant cloud engineering experience

• 9+ years of experience related to cloud engineering

• Experience with SPL (Search Processing Language), Splunk Admin (Cluster Management), and building complex XML/Glass Table dashboards

• Experience with IAM (Least Privilege), S3 (Lifecycle Policies), Kinesis Data Firehose, and AWS Organizations

• Ability to obtain a DoD 8570 Computing Environment certification within 6 months of hire

• Ability to script in one or more of the following computer languages: Python, Bash, or Perl

• Experience monitoring Amazon EKS/ECS environments using the Splunk OpenTelemetry (OTel) Collector

Preferred Qualifications:

• AWS Associate-level certification (e.g., AWS Certified Solutions Architect – Associate)

• Splunk Enterprise Certified Architect certification

• 3+ years of experience using Terraform

• Experience using Git-based version control systems (e.g., GitHub) to manage and deploy infrastructure changes

Clearance Requirements:

• Must have an active Secret security clearance.

Physical Requirements:

• Must be able to remain in a stationary position up to 50% of the time.

• Occasionally required to move about the office to access file cabinets, office equipment, and other work areas.

• Frequently communicates with coworkers, management, and customers, including delivering presentations.

• Must be able to exchange accurate information in these interactions.