MANTECH seeks a motivated, career and customer-oriented AWS Splunk Engineer to join our team in Virginia Beach, VA. This is a remote position.
We are seeking an experienced AWS Splunk Engineer to lead the design, implementation, and optimization of our enterprise-wide observability and security logging platform. In this role, you won't just "manage logs"; you will architect high-scale data pipelines that bridge AWS cloud-native services with Splunk's predictive analytics. You will be responsible for automating our infrastructure via code (IaC), integrating AI/ML models for proactive threat detection, and optimizing data ingestion for cost-efficiency in a high-growth environment.
Responsibilities include but are not limited to:
- Design and maintain a resilient, multi-region Splunk environment on AWS (EC2/EKS) utilizing Splunk SmartStore and Federated Search to balance performance and storage costs
- Lead the integration of AWS-native logs (CloudTrail, VPC Flow Logs, Route 53, GuardDuty, and Security Hub) into Splunk using AWS Kinesis Firehose, Lambda, and SQS
- Develop and maintain infrastructure using Terraform/OpenTofu. Automate Splunk app deployments and configuration updates via CI/CD pipelines (GitHub Actions/GitLab)
- Conduct monthly "Data Hygiene" audits. Use Splunk DSP (Data Stream Processor) or to filter, mask, and route data, ensuring high-value logs are prioritized for indexing while reducing "dark data" costs
- Participate in Agile ceremonies as a member of a highly functioning Agile engineering team
- Ensure all logging pipelines meet Department of War/US Navy compliance requirements
Minimum Qualifications:
- Bachelor's degree in computer science or other related STEM discipline; OR High School Diploma and 13+ years of relevant cloud engineering experience
- 9+ years of experience related to cloud engineering
- Experience with SPL (Search Processing Language), Splunk Admin (Cluster Management), and building complex XML/Glass Table dashboards
- Experience with IAM (Least Privilege), S3 (Lifecycle Policies), Kinesis Data Firehose, and AWS Organizations
- Ability to obtain a DoD 8570 Computing Environment certification within 6 months of hire
- Ability to script in one or more of the following computer languages: Python, Bash, or Perl
- Experience monitoring Amazon EKS/ECS environments using the Splunk OpenTelemetry (OTel) Collector
Preferred Qualifications:
- AWS Associate-level certification (e.g., AWS Certified Solutions Architect - Associate)
- Splunk Enterprise Certified Architect certification
- 3+ years of experience using Terraform
- Experience using Git-based version control systems (e.g., GitHub) to manage and deploy infrastructure changes
Clearance Requirements:
- Must have an active Secret security clearance.
Physical Requirements:
- Must be able to remain in a stationary position up to 50% of the time.
- Occasionally required to move about the office to access file cabinets, office equipment, and other work areas.
- Frequently communicates with coworkers, management, and customers, including delivering presentations.
- Must be able to exchange accurate information in these interactions.