MANTECH

AWS Splunk Engineer

Remote | Full Time | Senior Level | Cloud Engineer

Job Description

MANTECH seeks a motivated, career- and customer-oriented AWS Splunk Engineer to join our team in Virginia Beach, VA. This is a remote position.

We are seeking an experienced AWS Splunk Engineer to lead the design, implementation, and optimization of our enterprise-wide observability and security logging platform. In this role, you won't just "manage logs"—you will architect high-scale data pipelines that bridge AWS cloud-native services with Splunk’s predictive analytics. You will be responsible for automating our infrastructure via code (IaC), integrating AI/ML models for proactive threat detection, and optimizing data ingestion for cost-efficiency in a high-growth environment.

Responsibilities include but are not limited to:

Design and maintain a resilient, multi-region Splunk environment on AWS (EC2/EKS) utilizing Splunk SmartStore and Federated Search to balance performance and storage costs

Lead the integration of AWS-native logs (CloudTrail, VPC Flow Logs, Route 53, GuardDuty, and Security Hub) into Splunk using AWS Kinesis Firehose, Lambda, and SQS

Develop and maintain infrastructure using Terraform/OpenTofu. Automate Splunk app deployments and configuration updates via CI/CD pipelines (GitHub Actions/GitLab)

Conduct monthly "Data Hygiene" audits. Use Splunk DSP (Data Stream Processor) or to filter, mask, and route data, ensuring high-value logs are prioritized for indexing while reducing "dark data" costs

Participate in Agile ceremonies as a member of a highly functioning Agile engineering team

Ensure all logging pipelines meet Department of War/US Navy compliance requirements

Minimum Qualifications:

Bachelor’s degree in computer science or other related STEM discipline; OR High School Diploma and 13+ years of relevant cloud engineering experience

9+ years of experience related to cloud engineering

Experience with SPL (Search Processing Language), Splunk Admin (Cluster Management), and building complex XML/Glass Table dashboards

Experience with IAM (Least Privilege), S3 (Lifecycle Policies), Kinesis Data Firehose, and AWS Organizations

Ability to obtain a DoD 8570 Computing Environment certification within 6 months of hire

Ability to script in one or more of the following computer languages: Python, Bash, or Perl

Experience monitoring Amazon EKS/ECS environments using the Splunk OpenTelemetry (OTel) Collector

Preferred Qualifications:

AWS Associate-level certification (e.g., AWS Certified Solutions Architect – Associate)

Splunk Enterprise Certified Architect certification

3+ years of experience using Terraform

Experience using Git-based version control systems (e.g., GitHub) to manage and deploy infrastructure changes

Clearance Requirements:

Must have an active Secret security clearance.

Physical Requirements:

Must be able to remain in a stationary position up to 50% of the time.

Occasionally required to move about the office to access file cabinets, office equipment, and other work areas.

Frequently communicates with coworkers, management, and customers, including delivering presentations.

Must be able to exchange accurate information in these interactions.