Skip to main content
HonestMOS
InvestigationsCongress made VA disability claims free to file. An entire industry charges veterans anyway — and nobody can stop them.
Back to 25B Information Technology Specialist — overview, pay, training, civilian translation, reviews
25BE1-E3

Information Technology Specialist

E-1 to E-3 (Junior Enlisted) · Army

HEADS UP

25B AIT at Fort Eisenhower (the renamed Fort Gordon, GA) runs around 20 weeks under the Cyber Center of Excellence. You graduate with CompTIA Security+ — the DoD 8140 baseline cert — which is genuinely portable to civilian IT/cyber jobs. That cert plus a clearance is the foundation of every 25B post-service career conversation.

The Honest MOS Read
You enlisted 25B Information Technology Specialist, finished BCT, and are at Fort Eisenhower (renamed from Fort Gordon in 2023), GA — the home of the Army's Cyber Center of Excellence and the Signal School. AIT for 25B is roughly 20 weeks, run by the 15th Signal Brigade / Signal School, and the syllabus has shifted materially over the last several years as the Army has integrated cyber and signal training. You'll cover network fundamentals (TCP/IP, routing, switching), Windows server admin, Active Directory, basic cybersecurity, and the Army's specific tactical network systems (WIN-T elements, JBC-P / Joint Battle Command - Platform integrations, tactical SATCOM nodes). The cert outcome matters: 25B AIT is structured to push you through CompTIA Security+ certification during the course, because Sec+ is the DoD 8140.03 baseline for IT positions on the DoD network — without it, you cannot administer the systems you're being trained to administer. That cert is yours for three years (recertification required), is civilian-portable, and is the foundational credential for every IT or cyber career conversation after the Army. Some AIT cohorts also push CompTIA Network+ or other DoD 8140-compliant certs; check your class's specific cert track. Drop assignments are highly varied for 25B. Signal Battalions (Expeditionary Signal Battalion structure, plus the regional signal brigades — 7th SB-T in Korea, 5th SB-T in Europe, 11th SB at Fort Hood/Cavazos, etc.), BCT S-6 sections (you're the brigade's IT shop, supporting the maneuver elements), Cyber Brigade slots at Fort Eisenhower for those who scored well in AIT and the right slots opened, MEDCOM / NETCOM / strategic signal billets, COCOM J-6 sections for joint assignments later. The job content varies dramatically: a BCT S-6 25B does field-deployable tactical networks (cell-on-wheels, tactical Wi-Fi, deployable VTC); a NETCOM enterprise 25B does Tier-1 / Tier-2 helpdesk and Active Directory admin on a fixed installation. Both are 25B. The career outcomes are different. Promotion to E-2 is automatic at 6 mo TIS per AR 600-8-19; E-3 at 12 mo TIS / 4 mo TIG. E-4 at 24 mo / 6 mo. The 25B advantage that doesn't show up in the recruiter pitch: the certification stack you accumulate during your enlistment is the most civilian-marketable credential bundle in the Army enlisted system. Sec+, Net+, A+, plus whatever vendor-specific certs (Cisco CCNA, Microsoft, Red Hat) your unit funds, plus a clearance (the minimum for 25B is SECRET; TOP SECRET clearances open up for those assigned to higher-headquarters or cyber billets) — that combination is hireable into a $70K-$120K civilian IT job in most metros immediately on ETS. The clearance alone, in the DC / NoVA / Tampa / Colorado Springs labor markets, is worth $15K-$25K/year over the equivalent uncleared role. The trap: it is easy to coast in a TDA / garrison 25B assignment. Helpdesk work, ticket queue, Active Directory password resets, printer support. That experience builds tenure but doesn't build the skills your post-service career will pay for. Volunteer for the deployable signal element, the tactical network, the cyber-leaning slot, the SCIF — the harder assignments compound differently.
Career Arc
  • 01BCT → AIT at Fort Eisenhower (Cyber Center of Excellence / Signal School), ~20 weeks.
  • 02CompTIA Security+ certification during AIT — DoD 8140.03 baseline, civilian-portable.
  • 03First assignment: Signal Battalion, BCT S-6, NETCOM/Cyber Brigade, or strategic signal billet.
  • 04Clearance investigation completes: SECRET baseline, TS for higher-HQ/cyber billets.
  • 05Month ~6 TIS: E-2.
  • 06Month ~12 TIS: E-3.
  • 07First volunteer cert stack: Net+, A+, vendor certs (CCNA, Microsoft, RedHat) — unit-funded where possible.
Common Screwups
  • ×Letting Security+ lapse. Recertification is required every 3 years (or via Continuing Education Units); a lapsed Sec+ removes you from DoD 8140-compliant billets.
  • ×Coasting on garrison helpdesk work. The ticket-queue experience doesn't compound the way tactical-network or cyber-adjacent experience does.
  • ×Clearance behaviors: financial irresponsibility (delinquent debts), undisclosed foreign contacts, drug use, security-incident reports — clearance issues at E-3/E-4 follow you for the entire career.
  • ×Skipping civilian cert stacking during the slack windows. CompTIA, Cisco, Microsoft, vendor certs are funded under Army Credentialing Assistance — leaving free certs on the table is leaving post-service salary on the table.
  • ×DUI / drug pop — separation under AR 635-200 ch.14 and clearance-revocation cascades.

A Day in the Life

  • 0500Wake up. Quick coffee. Phone check for any overnight alerts from the on-call rotation if the unit runs one — most BCT S-6 shops do not, but signal battalions and tactical comm sections do.
  • 0530PT formation. Same as every other soldier in the brigade — you are a 25B but you are an infantry-attached soldier on the platoon roster at the BCT S-6. The privates in the shop run with the headquarters company.
  • 0545-0700Unit PT. Rotates through cardio, strength, and recovery days. The S-6 shop typically falls in with HHC or has a designated PT block — the SSG sets the pace.
  • 0700-0900Hygiene, DFAC or barracks breakfast, change into OCPs. Walk to the S-6 shop — the brigade headquarters building, usually adjacent to or attached to the BCT TOC.
  • 0900First formation. The S-6 OIC or senior NCO gives the day brief — ticket priorities, outages, IAVA status, any cyber incidents from overnight, the day's critical user-impacting work.
  • 0915-1130Ticket queue work. You take the tier-1 queue — CAC resets, password resets, printer mappings, workstation reimages, VTC setups for the day's briefings. The SSG passes you any escalation he wants you to learn from.
  • 1130-1300Chow. The S-6 shop typically rotates lunch coverage — at least one soldier on the queue at all times. You eat fast because the queue does not pause.
  • 1300-1500Afternoon queue + project work. If you are out of tickets the SSG hands you a project — STIG remediation on a batch of workstations, GPO testing in the lab OU, asset inventory in DPAS, prep for the next IAVA cycle.
  • 1500-1630Final formation. Hand-receipt reconciliation if you signed for anything during the day — laptops, VTC kit, KVMs. Sensitive items (CACs, classified media) checked in.
  • 1630Released, most days. If the brigade has an evening brief that needs VTC coverage, you stay for the codec checks and the brief itself.
  • 1700-2000Personal time. Gym, study (Sec+ / Net+ / CCNA prep), correspondence courses for promotion points, college courses funded under TA. The cert stack compounds the most for soldiers who use the evening hours.
  • 2000-2200Down time. If you are single in the barracks, study time or social time. If you live off-post (less common at E-3), family time. The shop does not run an after-hours on-call expectation for E-3s — that is the senior tech's problem.
  • 2200Lights out. Tomorrow starts at 0500.
  • Field rotation (CTC / FTX)Different rhythm entirely. The S-6 element deploys with the brigade to the field problem. You are running tactical network setup, VSAT or SATCOM uplinks, tactical Wi-Fi, JBC-P / JCR sustainment, generator-powered switches in tents. Sleep is in shifts; the network has to stay up for the BUB. A 14-day rotation is the formative experience — the SSG watches who can sustain the network at hour 200.

Weekly Cadence

The week in a BCT S-6 shop is queue-driven Monday through Wednesday and project-driven Thursday and Friday — that is the default cadence in a garrison cycle when the brigade is not in a train-up. Monday morning is heavy on the password resets and CAC issues from the weekend, plus whatever broke during the weekend on-call. The senior tech and the SSG triage the week's priorities in the 0900 stand-up; you take the tier-1 work that frees the senior soldiers for the harder tickets and the project work. Tuesday and Wednesday are typically the heaviest VTC days because the brigade and battalion command teams hold their working groups and BUBs midweek — you will run pre-brief codec checks, audio walks, and content-share verifications for at least one brief per day. Thursday is usually slower on the user-impacting queue and heavier on the project side: STIG remediation on a workstation batch, GPO testing in the lab OU, asset reconciliation in DPAS, prep work for the next IAVA cycle. Friday is the company-level event (PT, awards formation, possibly a 1SG inspection of the shop area) and release — the SSG releases the shop early when the queue is clean. The week's other rhythm is administrative. Cyber awareness training compliance is checked monthly through ATCTS — your name on a non-compliant list is the SSG's problem to fix and his counseling material on you. Promotion-point work (the Sec+ study, the ACA cert request, the correspondence course completions) is your evening and weekend project; the SSG does not schedule study time into the duty day. The senior 25Bs in the shop will tell you the same thing every senior 25B has told every cherry for 20 years: the soldiers who use the off-duty hours to stack certs are the ones who pin E-4 on time, get the harder assignments, and walk into a $70K civilian IT job on ETS day. The soldiers who do not use the off-duty hours coast through E-3, take E-4 late, and walk into a $40K helpdesk role on the civilian side.

Key Skills — How to Drill Each

  1. 01
    CAC enrollment, PIN reset, and DEERS lookup workflow in your sleep — this is 30% of your weekly tickets.
    Sit at the RAPIDS / CAC station for a full duty day with the senior tech and watch the workflow end to end before you touch it. Memorize the path through DEERS for the three soldier-class cases (lost CAC, expired CAC, locked PIN) and the order-of-operations for a dependent CAC. When the brigade CSM walks in with a locked card 12 minutes before the BUB, you reset it in front of him without paging the SSG — that is the moment the shop's read on you flips from cherry to useful.
  2. 02
    Image a workstation off the Army Gold Master (AGM) image and rejoin it to the domain without breaking GPOs.
    The AGM workflow is documented in the unit's S6 SOP — read it twice, then watch a senior soldier walk through one full image-and-join cycle before you run your first. Validate post-image that the workstation pulled the brigade OU's GPOs (run gpresult /r and read the output) before you push the laptop to a user. If you skip that step, the user calls you back at 1500 because their printer mappings did not push and the SSG's read on you takes a hit you do not need.
  3. 03
    Read and trace a CAT-5 run from the wall jack to the patch panel to the switch port — punch down a 568B if you have to.
    Carry your own toner / tracer in your kit. When a user calls in about a dead jack, do not assume — tone the cable end-to-end before you blame the switch. Practice the 568B punchdown pattern on scrap cable in the shop on slow days; the first time you do it for a real run on a Friday afternoon is not the time to be learning. Label every patch you make — date, ticket number, initials — on the panel with a sharpie or a label printer.
  4. 04
    Operate the unit's VTC stack — DVS-G, Cisco TelePresence, Polycom — and run pre-brief checks 30 minutes early, every time.
    Build a personal VTC checklist on an index card: power, network, codec dial test, mic and camera, content share, far-end confirmation. Run it 30 minutes before the brief is scheduled to start. The O-6 who walks into a VTC that does not work is not going to ask for your name — your 1SG will know by the time you walk out of the room. The 30-minute buffer exists precisely because the first dial test is the one that fails.
  5. 05
    Open, work, and close a Remedy/ServiceNow ticket cleanly — categorization, resolution notes, customer signoff.
    The ticket is the legal record — the SSG's NCOER bullet on you and the brigade S6 metrics roll up from ticket queue data. Categorize correctly the first time (incident vs request vs problem), write the resolution note as if a CCRI auditor will read it, and confirm with the user before you close. Sloppy resolution notes ('fixed it') get reopened by senior officers as 'you did nothing' the next morning with cc to your 1SG.
  6. 06
    Lock down a workstation per the DISA STIG checklist before you push it to a user.
    The DISA STIGs for Windows 10/11 and Office are on public.cyber.mil — download the most current checklist for the OS you image. Run through the high-severity (CAT-I) items as a hardening pass on every machine before it leaves the imaging bench. The CCRI / CORA inspection auditors run STIG Viewer against random workstations during the inspection week — the workstation with your initials on the asset tag is the one that goes in the report.

Manuals & References — What Chapters Matter

  • AR 25-1 — Army Information Technology; AR 25-2 — Army Cybersecurity
    AR 25-1 is the policy roof for everything you touch — authorities, governance, IT investment. AR 25-2 is the cyber side: account management, incident reporting timelines, training requirements. You will be quoted out of both during your first CCRI prep — at minimum read the table of contents in each so you know which document the answer lives in.
  • DoDM 8140 — Cyberspace Workforce Management (replacing the older DoD 8570.01-M)
    This is the workforce-qualification chart that gates which billet you are allowed to hold. IAT-II for the systems-admin work you will do at E-4; IAT-III for the senior tech roles. Without the right cert on the chart, the position is not yours to sit. Read enough of the manual to know which IAT level your billet maps to.
  • DISA STIGs (public.cyber.mil) — Windows 10/11, Active Directory, Cisco IOS
    The STIG is the hardening checklist the inspection auditor reads against your machines. Download the STIG Viewer tool from public.cyber.mil and run a checklist against a test workstation early in your time at the unit — you want to know what a finding looks like before the inspection week makes it official.
  • CompTIA Security+ exam objectives — the SY0-701 study set
    Sec+ is the DoD 8140 IAT-II baseline — the test you will sit by your one-year mark. The official CompTIA objectives PDF is the syllabus the test is written from. Read it during dead hours on staff duty; the test rewards breadth more than depth and the objectives list tells you exactly what to study.
  • ATP 6-02.71 — Techniques for Department of the Army Information Network Operations
    The doctrinal spine for tactical and garrison Army information networks. You will not be quoted out of it as an E-3, but the staff sergeant and the brigade S6 will — and reading it once means you understand the architecture context behind the tickets you close.
  • Unit S6 SOP / local enclave documentation
    Every brigade S6 maintains a local SOP covering account creation, GPO scope, VLAN scheme, ticket categorization, and on-call procedures. The local SOP is what the SSG actually quotes when he corrects you. Read it your first week, screenshot the important pages to your government phone, refer to it weekly. The brigade-specific procedures matter more than the Army-wide regs at this rank.

Standards — How to Hit Each

  • CompTIA Security+ certification by your one-year mark in the unit (the IAT-II floor for 25B jobs).
    Start the study during AIT or your first 60 days — sooner is better because the test fee is funded under Army Credentialing Assistance (ACA). Use Professor Messer's free YouTube series + the official CompTIA objectives PDF as your spine; sit a practice test before you schedule the real one. The unit's senior 25Bs will quiz you on the weak areas if you ask. Pass it inside the first year and the SSG starts assigning you the IAT-II billet work.
  • A+ and Network+ if you do not arrive with them — the Army Credentialing Assistance program pays for the voucher.
    Submit the ACA request through ArmyIgnitED for the exam voucher; pacing one cert every 4-6 months is realistic during a normal duty cycle. Net+ before Sec+ is the easier ramp — it is more technical and less compliance-heavy. A+ is the lowest-leverage of the three for active duty but matters if you ETS into a desktop-support civilian role.
  • Ticket SLA: tier-1 issues closed inside 24 hours, escalations documented with the time, action, and outcome.
    Open the ticket within 15 minutes of taking the call. Document each action with a timestamp — 'PIN reset complete, user verified login, ticket closed' beats 'fixed it' every time. When you escalate, the escalation note tells the senior tech what you have already tried — do not make him repeat your steps. The S6 metrics roll up monthly; a sub-24-hour close rate is visible at brigade level.
  • Zero 'lost laptops.' Every device you touch is signed in and signed out of the property book.
    The hand-receipt is your legal protection. Sign for the device in DPAS / GCSS-Army before you walk it to the user; sign it back in when it returns. If a device disappears, your name on the hand-receipt is what the FLIPL investigating officer reads. Build the habit early — the senior soldiers do not chase you on this; they let the FLIPL teach you.
  • Annual cyber awareness training (DoD CYBER AWARENESS) completed before the deadline.
    ATCTS tracks the completion date for the whole brigade; a soldier whose training expires locks the brigade's IATC numbers. Set a calendar reminder 30 days before your training expires. The training itself is roughly 90 minutes through the DoD Cyber Awareness Challenge — do it on staff duty or during a slow afternoon. The cost of missing the deadline is your 1SG's phone call from the brigade S6.

Technical Mistakes — Concrete Consequences

  • Plugging a personal USB into a government workstation.
    The endpoint monitoring catches the device-class violation in the next pull. You will be in the SAC commander's office that afternoon for a security incident report; if the USB had any flagged content, the matter is now a CI referral and your TS adjudication restarts from zero. The cleanup paperwork lives in your security folder for the rest of your career.
  • Sharing a CAC PIN over the phone or in chat. Even once.
    PIN sharing is a non-repudiation violation under AR 25-2 — once the PIN leaves your control, every action signed by your CAC is no longer attributable to you. The OPSEC office runs spot checks; the consequence is a counseling at minimum, a security incident in the moderate case, and clearance review in the worst case. The SSG's read on you is set for the rest of the rotation.
  • Closing a ticket as 'resolved' without confirming with the user.
    The senior officer reopens it at 0600 the next morning as 'you did nothing,' with cc to your 1SG, your platoon sergeant, and the brigade S6 OIC. The ticket reopens, the S6 metrics roll up a 'reopened ticket' count, and the SSG asks the company commander why the brigade's IT metrics took a hit this week. One ticket of habit-bad documentation undoes three months of clean queue work.
  • Imaging a machine off a personal USB stick instead of the AGM.
    The trust-level mismatch causes a STIG failure on the next IAVA audit — the auditor pulls a random workstation, runs STIG Viewer, and sees the wrong baseline. The finding rolls up to the brigade S6 OIC's slide for the next cyber inspection brief. The corrective action is a full rebuild of every machine you imaged off the bad stick, plus a counseling that lives in your file.
  • Telling a senior officer 'I cannot do that' without offering the workaround.
    Senior officers do not need to hear 'cannot.' They need to hear 'the request requires X approval and I have already opened the ticket — here is the workaround until then.' The officer who hears 'cannot' walks to the SSG and the SSG walks to you with a counseling about customer service. The fix is one sentence of preparation: always have the next step ready.

Career Decisions at This Rank

  • Sec+ first or Net+ first
    Sec+ is the DoD 8140 IAT-II baseline — without it you cannot administer the systems the unit needs you to administer at E-4. Most 25Bs sit Sec+ first because it is the gate. Net+ is the more technical exam and easier to absorb if your AIT was strong on the networking content; some soldiers find Net+ a better warm-up because the content overlaps with the Sec+ networking domain. Default is Sec+ first, but if your AIT performance was strong on networking and weak on compliance, flip the order. ACA pays for both — the question is sequencing, not affordability.
  • Volunteer for the tactical-network slot vs the garrison helpdesk
    The BCT S-6 has both — a garrison helpdesk team that runs the brigade's fixed IT footprint, and a tactical element that deploys with the brigade for FTXs and CTC rotations. The tactical element is harder, less predictable, and physically more demanding (you are in tents on generator power for two weeks at JRTC, not in an air-conditioned shop). The career payoff is real: the tactical-network experience is what the post-service defense contractor market and the warrant officer (255A) packet both weight. The garrison helpdesk experience is tenure without the same skill compounding. Default: volunteer for the tactical slot when it opens.
  • Pursue 17C (Cyber Operations Specialist) reclass at first opportunity
    The Army has been actively recruiting 25-series soldiers into 17C since the MOS stood up — the cyber-warfare operator path. TS/SCI clearance is required, the school pipeline at Fort Eisenhower runs 6+ months, and the post-service market for 17C-trained operators is materially stronger than for general 25B. Most 17C reclasses happen at E-4 or E-5 because the chain wants you to have basic 25B competence first, but you can express interest as an E-3. The honest test: are you genuinely interested in offensive cyber and defensive cyber operations, or are you chasing the cooler MOS name? The school is hard and the wash rate is real.
  • Start the college packet (TA / community college) early
    Tuition Assistance funds college courses up to the published annual cap (the cap has moved year over year — pull the current TA MILPER). Community college credits in IT, networking, and general education compound for the DA 3355 promotion-point worksheet later (max 110 promotion points for 60+ semester hours of college credit). The trap: starting and not finishing — incomplete courses or withdrawals after the drop window cost the soldier the TA repayment. Pace the load at 1-2 courses per term; the shop's SSG will work with you on the schedule if the academic load does not interfere with the duty day.

How the Seat Varies by Unit Type

  • BCT S-6 (organic brigade IT shop in any BCT — IBCT / SBCT / ABCT)
    The most common first assignment. You support a 4,000-soldier brigade through one S-6 OIC (typically an O-3 captain), one or two warrant officers (255A network technician, 255N network management), and an enlisted bench of 8-15 25Bs across the grades. Garrison work is helpdesk + project work; field work is tactical-network deployment during FTXs and CTC rotations. The work is broad but not deep — you touch every system the brigade owns but rarely become the deep SME on any one of them.
  • Expeditionary Signal Battalion (ESB) / Theater Signal Brigade slots
    A different rhythm. ESBs (the Army's deployable signal force) are split into companies that field tactical SATCOM, line-of-sight microwave, JTRS networks, and the deployable network architecture for joint task forces. The 11th SB at Fort Cavazos, 7th SB-T in Korea, 5th SB-T in Europe — these units rotate often, train hard, and produce 25Bs with deeper tactical-network skill than the BCT S-6 path produces. Career-distinguishing for those who want the technical depth track.
  • NETCOM Enterprise (NEC — Network Enterprise Center) at a fixed installation
    The garrison-IT track. You are running Tier-1 / Tier-2 helpdesk and Active Directory admin on a fixed installation — Fort Cavazos, Fort Bragg, Fort Carson, etc. The work is steady, the hours are predictable, the deployment cycle is minimal. The post-service translation is straight to civilian enterprise IT (helpdesk, sysadmin, Active Directory admin). Less career-distinguishing for active duty progression but materially more family-friendly than the deployable signal force.
  • Cyber Brigade / Cyber Center of Excellence (Fort Eisenhower)
    The technical elite track — 780th MI Brigade, 781st MI Battalion, the Cyber Protection Brigade. TS/SCI required, mission work is offensive and defensive cyber operations. Most 25Bs do not arrive directly into a Cyber Brigade slot as E-3; the typical path is BCT S-6 → strong performance → 17C reclass or Cyber Brigade levy at E-4 or E-5. If you land the slot as an E-3, recognize that you are on the development bench for the cyber community — the senior NCOs there are mentoring you toward 17C, 35Q SIGINT analyst, or warrant officer (170A cyber warrant) track.
  • COCOM J-6 / strategic signal billet (CENTCOM, EUCOM, INDOPACOM, etc.)
    Uncommon at E-3 but possible. These are joint headquarters IT shops — the joint task force's communications backbone. Work is high-OPSEC, the standards are exacting, and the joint duty exposure compounds early in a career. If the slot is offered, the chain considers it career-shaping; the question is whether you are ready for the joint environment as a junior soldier or whether the BCT-level fundamentals are still the better foundation.

What Good Looks Like at This Rank

The good 25B cherry is the soldier the staff sergeant deliberately sends to the brigade CO's laptop problem because the SSG knows it comes back fixed and the CO will not bring it up at the BUB. By month nine the soldier has Sec+ on the wall — passed on the first sit because she put in the study during dead hours on staff duty and ran practice tests with the senior tech in the shop. By month eighteen she is running a help-desk rotation and the new privates ask her, not the SSG, the procedure questions on tickets. She does not announce herself. She closes tickets with resolution notes that read like an incident report — timestamped actions, customer verification, clean categorization. She runs the VTC pre-brief checklist 30 minutes early without anyone asking, and the O-6's brief starts on time because the codec dialed clean. When the brigade S6 walks the shop, he names her by first name and asks if she has the CCNA packet started — and she does, because she put the ACA request in two months ago. The technical bench in the S6 has noticed. The senior signal NCO is already thinking about her for the tactical-network rotation at the next CTC train-up — the slot that compounds toward E-5 in a way the helpdesk queue does not. She will be on that team, and the team will come back from JRTC with a clean network and a name the brigade CO remembers.

Preview — The Next Rank

Specialist 25B (E-4) is the rank where the cert stack stops being aspirational and starts being your career profile. The garrison helpdesk path and the deployable-network path produce visibly different soldiers by the time both are E-4s, and the difference compounds for the rest of the career. At E-4 you are still the technical worker — but you are also the first-line technical lead for the new privates in the shop, and the SSG will start trusting you with the projects that hurt: WSUS / SCCM patch cycles, Active Directory user and group administration in a delegated OU, the GPO push that touches every workstation in the brigade. The promotion math to SGT (E-5) runs through the semi-centralized AR 600-8-19 system — 36 months TIS, 8 months TIG (waivable in some cases), DA 3355 worksheet at max 800 points, monthly HRC cutoff, chain release. BLC (Basic Leader Course, 22 academic days) is the STEP gate for SGT — without BLC complete, no pin-on regardless of points. The cert stack you build now is what feeds your promotion points later: Sec+ is the IAT-II floor, but CCNA, Network+, CompTIA CySA+, and the vendor stack (Microsoft, AWS, Red Hat) all compound for the worksheet. The soldiers who pin E-5 on time use the E-3 / E-4 evenings to stack certs. The other E-4 reality: this is the rank where the 17C (Cyber Operations Specialist) reclass packet becomes a serious conversation, where the TOP SECRET clearance gets adjudicated if you are tracking toward a higher-headquarters or Cyber Brigade billet, and where the chain starts looking at you for a school slot (Air Assault, Airborne, or the cyber-leaning slots) that visibly shapes your senior-NCO trajectory. The SSG you are working for now is writing your initial NCOER input — the bullets the centralized board will eventually read. Make the bullets easy to write: clean tickets, project completions, cert sittings, no security incidents, no clearance flags.
FAQ

25B E1-E3 — Frequently Asked Questions

Q01What does a E1-E3 25B (Information Technology Specialist) actually do?
You reimage workstations, reset CAC PINs, plug in CAT-5, and close tickets in Remedy or ServiceNow.
Q02What's the most important thing to know as a E1-E3 25B?
25B AIT at Fort Eisenhower (the renamed Fort Gordon, GA) runs around 20 weeks under the Cyber Center of Excellence.
Q03What does a typical day look like for a E1-E3 25B?
Time-blocked day at the E1-E3 25B rank tier: 0500 Wake up. Quick coffee. Phone check for any overnight alerts from the on-call rotation if the unit runs one — most BCT S-6 shops do not, but signal battalions and tactical comm sections do, 0530 PT formation. Same as every other soldier in the brigade — you are a 25B but you are an infantry-attached soldier on the platoon roster at the BCT S-6. The privates in the shop run with the headquarters company, 0545-0700 Unit PT. Rotates through cardio, strength, and recovery days.…
Q04What mistakes get E1-E3 25B soldiers fired or relieved?
Letting Security+ lapse. Recertification is required every 3 years (or via Continuing Education Units); a lapsed Sec+ removes you from DoD 8140-compliant billets; Coasting on garrison helpdesk work. The ticket-queue experience doesn't compound the way tactical-network or cyber-adjacent experience does; Clearance behaviors: financial irresponsibility (delinquent debts), undisclosed foreign contacts, drug use, security-incident reports — clearance issues at E-3/E-4 follow you for the entire career
Q05What career decisions matter most at the E1-E3 25B rank tier?
Sec+ first or Net+ first — Sec+ is the DoD 8140 IAT-II baseline — without it you cannot administer the systems the unit needs you to administer at E-4. Most 25Bs sit Sec+ first because it is the gate. Net+ is the more technical exam and easier to absorb if your AIT was strong on the networking content; some soldiers find Net+ a better warm-up because the content overlaps with the Sec+ networking domain. Default is Sec+ first, but if your AIT performance was strong on networking and weak on compliance, flip the order. ACA pays for both — the question is sequencing, not affordability;…
Q06What's next after E1-E3 for a 25B (Information Technology Specialist) in the Army?
Specialist 25B (E-4) is the rank where the cert stack stops being aspirational and starts being your career profile.
Q07What manuals and regulations does a E1-E3 25B need to know cold?
AR 25-1 — Army Information Technology; AR 25-2 — Army Cybersecurity (read both, even if you only ever read them once).; DoD 8570.01-M / DoDM 8140 — Cyberspace Workforce Management (this is the chart that gates your IAT-II/III billet).; DISA STIGs for Windows / Active Directory / Cisco IOS (public.cyber.mil).

Based on 29 tips from 0 contributors

Published by the Honest MOS Editorial DeskVerified against DoD/.gov sourcesUpdated May 2026Editorial standards