Cable and Antenna Operations
Installs, maintains, troubleshoots, and repairs fixed and deployable cable and antenna systems supporting Air Force communications infrastructure. Responsible for outside plant (OSP) fiber optic and copper cable systems, antenna systems, and associated hardware across the installation and deployed environments.
“You'll be the backbone of Air Force communications — literally building and maintaining the physical infrastructure that connects every mission system on base. You'll work with cutting-edge fiber optic technology, climb towers, and deploy worldwide to establish communications networks in austere environments. This is a hands-on technical career that translates directly to high-demand civilian telecom and network infrastructure jobs paying $70K+ right out of the gate. You'll earn industry certifications and your fiber splicing skills alone are worth their weight in gold.”
You are a cable dog. You will dig trenches in 110-degree heat and run fiber through underground vaults that smell like something crawled in there during the Clinton administration and never crawled out. Your 'cutting-edge fiber optic technology' is a fusion splicer you share with three other shops and a cable locator from 2004 that lies to you professionally. You will climb antenna towers in conditions that would make OSHA weep, and the safety briefing is basically 'don't fall.' Your hands will be permanently torn up from pulling cable through conduit that was installed by someone who clearly hated the next person who'd have to work on it — which is you. The 'deploy worldwide' part is real: you'll set up comms in places that don't have running water yet, and somehow you're expected to get a SIPR connection working before anyone builds a latrine. The civilian telecom industry WILL hire you, though. Fiber splicers are in genuine demand and your clearance is a bonus. Just don't tell them about the time you accidentally cut the base commander's internet during a VTC with a three-star.
MOS Intel
- 1Get your fiber optic certifications (FOI, BICSI) while the Air Force pays for them. These are expensive civilian-side and telecom companies love them.
- 2Tower climbing quals are valuable and unique. Not many people have them and the hazard pay adds up.
- 3Document everything you do — base infrastructure projects, cable plant upgrades, tower installs. This becomes your resume and it's more impressive than you think.
- 4Learn to read and update base cable plant records. The person who knows where every cable runs on base is the person who never gets voluntold for irrelevant details.
- 5The 3D career field transitioned to 1D7 — 1D7X3 specifically covers the outside plant and antenna mission. Understand how your shred-out maps to civilian CATV, fiber, and telecom installer roles.
Cable and Antenna is the most blue-collar AFSC in the cyber career field, and its people will tell you that with pride. While everyone else in 1D7 sits at keyboards, you're outside in the elements actually building the physical network they all depend on. The recruiter will call it 'cyber' because everything got rebranded under the 1D7 umbrella, but your daily reality is closer to a telecom lineman than a cybersecurity analyst. That's not a bad thing — it means your skills are tangible, your work is visible, and you'll never sit through a meeting about 'synergizing digital transformation.' The flip side: the work is physically demanding, the hours during outages are brutal, and you will develop a Pavlovian stress response to the sound of heavy equipment operating near buried cable. The civilian translation is excellent. Fiber splicers and cable installers are in serious demand and your security clearance makes you even more attractive to defense contractors. The honest truth is this: you won't be a hacker, you won't be a coder, and your job title will confuse people at parties. But the comms don't work without you. The mission doesn't move without you. And there's something deeply satisfying about being the person who makes the lights blink.
Execute the Job — By Rank
How you actually run this job at each rank — what you do, what you drill, which manuals you own, and what good looks like. Written for the soldier, sailor, airman, Marine, or Guardian currently in the seat. Each rank deeplinks into the full Playbook deep-dive: time-blocked schedules, unit-type variations, career decisions, and the read on the next rank.
You are training to be a Cyberspace Defense Analyst — a network security specialist responsible for monitoring, detecting, and responding to cyber threats against Air Force networks. You are on the front line of a domain that operates continuously and that adversaries probe every day without pause.
Complete the 1D7X3 initial skills training pipeline at Keesler AFB, MS. Learn network defense fundamentals — intrusion detection, security information and event management (SIEM) tools, network traffic analysis, log review, and the indicators of compromise that signal malicious activity. Study the Air Force and DoD network architecture you will be defending. Learn to use the tools deployed at Cyberspace Defense (CD) units — SIEMs, packet capture tools, endpoint detection platforms, and vulnerability management systems. Develop the analytical habits that distinguish an effective defender from one who generates alerts without understanding them.
- 01Network intrusion detection, SIEM tool operation, log analysis, packet capture and traffic analysis, indicators of compromise identification, endpoint security monitoring, Air Force network architecture knowledge
- —AFMAN 17-1303 (Cyberspace Defense), NIST publications applicable to federal network defense, DISA STIGs for Air Force networks, Air Forces Cyber (AFCYBER) tactics publications
- —Pass 1D7X3 initial training; network analysis demonstrated to standard; SIEM tool operations proficient; IOC identification accurate; all classified system access rules observed
- —Responding to every alert as an isolated event without building the pattern recognition that identifies coordinated campaigns — the defender who responds to individual alerts without asking "is this part of something larger?" will always be behind a sophisticated adversary.
An apprentice 1D7X3 who treats every shift as an opportunity to understand the adversary's methods, not just to clear the alert queue — who reads threat intelligence products, asks senior analysts about the campaigns behind recent alerts, and builds a mental model of the threat environment rather than just the tool procedures.
You are a qualified Cyberspace Defense Analyst defending Air Force networks during operational shifts, building the threat awareness and technical depth that effective network defense demands.
Operate as a qualified CD analyst during shift operations at a Cyber Protection Team, Air Forces Cyber unit, or AFNET operations center. Monitor assigned network segments for anomalous activity, investigate potential intrusions, and respond to confirmed incidents. Produce accurate incident reports and escalate appropriately. Develop threat hunting skills — proactively searching for adversary activity that has not yet triggered automated detection. Contribute to sensor tuning to reduce false positives without creating detection gaps. Begin working toward advanced certifications and the upgrade path to the Cyber Protection Team (CPT) hunt and defend roles.
- 01Network shift operations, incident investigation and reporting, threat hunting methodology, sensor tuning, escalation procedures, incident response coordination, advanced certification pursuit
- —AFMAN 17-1303, AFCYBER operational publications, CISA and NSA cybersecurity advisories for current threat environment, unit incident response plans
- —Detection quality accurate with low false negative rate; incident reports clear and actionable; escalation decisions appropriate; threat hunting producing findings; sensor tuning improvements documented
- —Tuning detection sensors to eliminate noise without documenting what was removed and why — every suppression rule creates a potential blind spot, and the analyst who cannot explain why a specific signature was tuned out is a liability during the next investigation that involves similar activity.
A SrA analyst who maintains a personal log of every significant detection event and the investigation that followed — building a personal case study library that improves their threat hunting skills over time and that provides training material for more junior analysts.
You are a senior 1D7X3 analyst, building toward advanced technical qualifications and developing the ability to lead incident response and train junior analysts.
Operate as a senior CD analyst, lead incident response investigations, and pursue advanced technical qualifications — CompTIA CySA+, GCIH (GIAC Certified Incident Handler), or similar certifications that deepen technical capability. Train junior analysts on detection, investigation, and incident response procedures. Lead shift-level incident coordination. Contribute to SOC procedure development and playbook improvement. Develop specializations in specific threat types, network segments, or detection technologies. Represent the section at cyber threat intelligence sharing events.
- 01Senior analyst operations, incident response leadership, advanced technical certifications, junior analyst mentoring, SOC procedure development, threat intelligence integration, technical specialization development
- —AFMAN 17-1303, AFCYBER tactics publications, MITRE ATT&CK framework, threat intelligence sharing platforms (SIPR/JWICS), unit SOC playbooks
- —Advanced certifications current; incident response leadership effective; junior analysts trained to standard; SOC procedures improved through contributions; threat intelligence applied in detection improvements
- —Becoming technically deep in one area of network defense without maintaining breadth — the analyst who can only work specific tool environments or threat types becomes a scheduling dependency rather than a force multiplier.
An SSgt analyst who has contributed at least one documented improvement to the unit's detection capability — a new detection rule, an updated playbook, a sensor tuning change that improved true positive rates — and who can describe the specific adversary technique it was designed to catch.
You are the senior 1D7X3 NCO within your unit, responsible for the training program, technical standards, and operational readiness of the cyberspace defense analyst section.
Serve as the CD section NCOIC or shift lead supervisor. Own the technical training program — manage analyst qualification, certification tracking, and skills development. Brief the section commander on analyst readiness and detection capability. Lead complex incident response investigations. Interface with mission defense team (MDT) leads and cyber protection team (CPT) leads on network security posture. Represent the section at cyber threat sharing forums. Advise the commander on technical capability gaps and required investments.
- 01Section NCOIC duties, technical training program management, incident response leadership, MDT/CPT coordination, cyber threat community engagement, capability gap assessment, readiness reporting
- —AFMAN 17-1303, AFCYBER management publications, DISA network security publications, unit incident response plans
- —All analysts maintaining required certifications; detection effectiveness meeting AFCYBER standards; section training documentation audit-ready; incident response capability demonstrated in exercises
- —Managing analyst certifications as a compliance requirement rather than a technical capability indicator — certifications that have expired but whose underlying skills are still practiced are less of a risk than certifications that are current but whose skills are not regularly exercised.
A TSgt who evaluates section readiness against actual detection performance — false negative rates, mean time to detect, incident investigation quality — rather than against certification expiration dates, and who can brief the commander on both.
You are the senior 1D7X3 functional at the group or command level, advising commanders on cyberspace defense capability and managing the analyst force.
Serve as the wing or AFCYBER group cyber defense superintendent. Advise commanders on network defense capability, analyst readiness, and emerging threat trends. Interface with AFCYBER and JFHQ-DODIN on career field management and mission requirements. Manage complex personnel actions for cyber analysts. Contribute to cyber defense doctrine and AFMAN updates. Represent the 1D7X3 community at AFCYBER standardization forums. As 1stSgt, own the welfare and discipline of the cyber operations formation.
- 01Group/wing cyber defense oversight, AFCYBER and JFHQ-DODIN interface, career field management, doctrine contribution, complex personnel management, senior enlisted advisory
- —AFCYBER directives, AFMAN 17-1303, JFHQ-DODIN publications, DoD cyber operations publications
- —Wing cyber defense capability meeting AFCYBER standards; analyst force technically current; doctrine contributions accurate; personnel actions appropriate
- —Allowing the cyber defense section to operate as a compliance-reporting function rather than an active threat-hunting team — MSgts who measure their section by audit findings rather than threat detection effectiveness are optimizing for inspection performance rather than mission performance.
An MSgt who briefs the wing commander on the section's actual detection effectiveness — what threats were hunted and found, what near-misses occurred, what the current adversary activity pattern looks like — not just on certification status and inspection compliance.
You are the most senior 1D7X3 enlisted leader, shaping cyberspace defense career field policy and Air Force network defense capability at the command level.
Serve as the AFCYBER or 16th Air Force cyberspace defense career field functional manager or senior enlisted cyber advisor. Shape analyst training standards, certification requirements, and the pipeline producing network defenders for the Air Force and joint cyber community. Advise four-star commanders on network defense posture, adversary trends, and the implications of network architecture changes on defensive capability. Interface with NSA, CISA, JFHQ-DODIN, and Cyber Command on defense standards and threat sharing. Ensure the career field evolves to address near-peer adversary capabilities.
- 01Career field functional management, four-star command advisory, NSA/CISA/JFHQ-DODIN engagement, near-peer threat assessment, network defense doctrine, pipeline oversight
- —AFCYBER career field publications, DoD cyber operations doctrine, NSA and CISA technical guidance, joint cyber publications
- —Career field pipeline producing technically current defenders; near-peer defense doctrine realistic; four-star commanders have accurate network defense posture assessments; training keeps pace with adversary capability evolution
- —Allowing training pipelines and certification programs to lag adversary capability evolution by 12-18 months — in cyberspace, a defender who was trained on last year's threat techniques is defending against this year's threat with outdated tools.
A CMSgt who has established a mechanism for incorporating current NSA and CISA threat intelligence into 1D7X3 training within 60 days of publication — so that the pipeline produces analysts who are trained against the threats that are actually active, not the ones that were active 18 months ago when the training was written.
What this actually is in the real world
Your skills translate. Here's what civilian employers call this job — and what they pay.
Electrical and Electronics Engineering Technologists and Technicians
Strong matchNetwork and Computer Systems Administrators
Related fieldComputer User Support Specialists
Related fieldSalary data from the U.S. Bureau of Labor Statistics Occupational Employment and Wage Statistics program, retrieved Feb 2026. BLS.gov cannot vouch for the data or analyses derived from these data after the data have been retrieved from BLS.gov.
MOS Pulse
Anonymous · One tap · No accountThree seconds of your time, zero of your identity. This is how the honest picture of 1D7X3 gets built — one tap at a time.
Knowing what you know now — would you pick 1D7X3 again?
Did your recruiter describe this job accurately?
Hours per week this job actually takes in garrison?
That tap took 3 seconds. A full review takes 10 minutes — and does about 100x more for the next person staring at this contract.
Write the Full Review →Nobody’s gone first. Yet.
Zero reviews for 1D7X3. Not because nobody has opinions — anyone who’s actually done Cable and Antenna Operations is carrying a full magazine of them — but because nobody’s put theirs on the record.
So here’s the deal: the first approved review of every MOS becomes its Founding Review. Permanently badged, permanently first. Every person who looks up 1D7X3 from now on reads it before anything else — including the recruiter’s version.
We could fill this page with fake reviews tonight. Plenty of sites do. We never will — which means this space stays exactly this empty until someone who lived it goes first.
Anonymous by default — no name, no unit, fuzzy timestamps. Your chain of command never knows it was you.
1D7X3 Cable and Antenna Operations — FAQ
Q01What does a 1D7X3 do in the Air Force?
Q02How long is 1D7X3 training and where is it held?
Q03What security clearance does a 1D7X3 need?
Q04What does a day in the life of a 1D7X3 look like?
Q05What are the most common career-ending mistakes for a 1D7X3?
Q06What civilian jobs does 1D7X3 translate to?
Q07What's the career progression for a 1D7X3?
Q08How often do 1D7X3 soldiers deploy?
Q09What's the recruiter not telling me about 1D7X3?
Sources:Branch MOS catalog · DTMO pay tables · DoD/.gov benefits references · O*NET civilian career mapping · verified service-member reviews