Signals Intelligence Analyst
E-1 to E-3 (Junior Enlisted) · Army
Your TS/SCI with the CI polygraph is the most valuable thing in your wall locker, and it is on probation every day for the next twenty years. One personal electronic into the SCIF, one unreported foreign contact, one shared password on NSANet or JWICS, one careless comment in the parking lot at Fort Meade or Fort Eisenhower — and you are out of the building. The Goodfellow pipeline is done; the work-role pipeline is just starting. Two non-negotiables before pin-on E-4: keep the TS/SCI with the polygraph clean, and close out the JQR / OJT signoff book on your first work-role inside the team's published timeline. Everything else is recoverable; those two are not.
- 01BCT (one of the Army's BCT installations).
- 02AIT at Goodfellow AFB, TX — joint cryptologic schoolhouse, 17th Training Wing hosting, Army host battalion under the 312th Training Squadron's joint construct; ~25+ weeks depending on follow-on track.
- 03TS/SCI with CI polygraph adjudicated through DoD CAF — the gate to every assignment in the MOS; FS poly for some compartments downstream.
- 04First duty station: 706th MI Group at Fort Meade, 470th / 500th / 501st / 66th theater intel BDE, 780th MI BDE at Fort Eisenhower (formerly Fort Gordon — renamed 2023), CMF team detached to NSA-Hawaii / NSA-Texas / NSA-Colorado, or national-detail seat.
- 05Month 0-6: in-process the team, SCI read-on through SSO, NSANet / JWICS / SIPR account activation, JQR / OJT signoff book started, IAT-II (Sec+ CE typical) credential in motion through Army Credentialing Assistance.
- 06Month 6-12: shadowing certified analyst on assigned work-role, JQR half-complete, first polygraph re-scope if SEAD 3 / CV cycle drives one, NCS (National Cryptologic School at Fort Meade) entry-catalog seats consumed.
- 07Month 12-18: unsupervised work-role qualification signed off, second position under JQR or in trainer, IFPC (Intelligence Fundamentals Professional Certification) attempt window opens.
- 08Month 6 TIS: E-2 (automatic per AR 600-8-19); Month ~12 TIS: E-3 / PFC (4 mo TIG, waivable). E-4 board prep begins in second half of first contract; BLC packet conversation opens with section sergeant 12 months before SGT-window TIS/TIG hits.
- ×Bringing a personal electronic device into the SCIF — phone, smart watch, fitness tracker, wireless earbuds. Even once. SSO suspends access that afternoon; the security incident report runs months; DCSA reviews; the file sits on your security record forever and reads at every clearance reinvestigation. The seat sits empty for weeks or months while the inquiry runs.
- ×Failing to self-report a foreign contact, foreign travel, marriage to a foreign national, or a financial event under AR 381-12 (TARP) and SEAD 3 inside the published windows. Continuous Vetting under SEAD 6 will surface it before you do, and the conversation moves from SSO administrative review to CI investigative under AR 381-20.
- ×DUI / drug pop / off-post arrest with a TS/SCI + polygraph on the line. SEAD 4 Adjudicative Guidelines (G alcohol, H drug, E personal conduct, I criminal) apply immediately; clearance suspension is the default; AR 635-200 chapter 14 separation paperwork runs in parallel. You leave the SCIF the same afternoon and the access never comes back.
- ×Talking shop off-post — to a girlfriend, a roommate, a bartender, the squad at the bar in Augusta or Laurel. Classified discussion outside the rated space is a security incident under AR 380-5 regardless of who was listening. The SSO writes the report; the senior NCO writes the counseling; the next CV review reads it.
- ×Posting OPSEC-relevant content on social media — unit patch, building photos, 'first day at NSA' selfies, LinkedIn that names programs by code or target sets by label. Foreign collection against the SCC workforce is real; the brigade S2 OIC runs OPSEC reviews of cleared-workforce social media; the SGM hears your name on the non-compliance roll.
- ×Letting the IAT-II credential (Security+ CE typical) lapse on the DoDM 8140 schedule. The audit pulls you off the position the day it expires; the team is short an analyst until you re-test; the senior NCO who backfills your seat reads the gap as a discipline failure.
A Day in the Life
- 0500Wake. Coffee. Quick phone check — accountability OK, no soldier emergencies, no overnight team chat from the senior NCO. Phone goes back in the kitchen drawer because it is not going anywhere near the SCIF. PT uniform on, badge in pocket.
- 0530PT formation at the company area or the team's designated PT pad. Cryptologic / MI companies often run PT on a slightly delayed schedule to align with the team's SCIF rhythm. Accountability to the section sergeant; the senior NCO reads the formation.
- 0545-0700Unit PT — rotates through cardio days, strength days, recovery-mobility days. The cryptologic workforce has a PT reputation to fight; the cherry who shows up at the front of the run is the cherry the senior NCO notices.
- 0700-0830Hygiene, breakfast at the DFAC or in the barracks if you are still in the BEQ, change into the uniform of the day. OCPs typically; some NSA-detail seats run a different uniform standard — the senior NCO walks you through it.
- 0830In-process the SCIF. Badge swipe, SF 702 sign, lock all personal electronics in the entry container, walk to your position. The senior analyst on the floor reads the previous watch log and briefs the picture.
- 0830-1130Shadow shift on the assigned work-role. The senior analyst drives the position; you sit next to him, you read the traffic alongside him, you walk through the tooling, you ask questions during the slow moments rather than during the active ones. You also work on your JQR signoff line items — each task you can demonstrate is a signoff to drive.
- 1130-1300Chow. You eat with the team at the on-post DFAC or in the team space if your facility supports it. The senior NCO read of you forms around that table; the senior analyst may pull you aside for a five-minute mentor conversation about the morning's traffic.
- 1300-1500Afternoon shadow shift continues. You may rotate to a second work-role for an hour to begin building the second JQR. The senior analyst redlines a BLUF you drafted in the morning; you take the redline as a teaching moment rather than as a personal hit.
- 1500-1600Compliance and admin block. IAT-II credential study if your test date is approaching; annual SAEDA / TARP / cyber-awareness / OPSEC / insider-threat training if a module is due; classified destruction log entries if your section is on rotation; SF 701 end-of-day SCIF checklist support if your section closes the spaces.
- 1600-1630Section huddle with the senior NCO. The senior NCO walks the team's rollup for the day, names tomorrow's priorities, confirms watch coverage, and reads anyone who is on a deadline (BLC packet, IAT-II test date, polygraph re-scope, JQR milestone, NCS slot).
- 1630Out-process the SCIF. Lock workstations, sign SF 702, secure containers, walk out. Released. Some days the watch cycle keeps the section in longer; the team chief will tell you when that day comes.
- 1700-2000Personal time. If studying for IAT-II, this is the block. If chasing an ACFT score the senior NCO will respect, this is the gym block. Married soldiers get family time; single soldiers in the BEQ rotate between the gym, the books, and the chow hall. Smart cherries study on their own time; average ones do not.
- 2000-2200Wind-down. The cherry 35N schedule is not as compressed as a line-MOS schedule at this rank — the watch rhythm and the SCIF day are bounded. The cherry who uses the evening to study and to PT is the cherry the senior NCO reads as serious about the career.
- 2200Lights out. Tomorrow starts at 0500.
- Watch / shift rotationSome teams run 24-hour watches during exercises or real-world contingencies. As a shadow you sit on the watch shift the senior analyst sits — the night shift is your shift if he is the night-shift senior. The clock breaks; you sleep when the watch hands off; the morning brief is briefed by whoever has the picture at the agreed time.
Weekly Cadence
Key Skills — How to Drill Each
- 01Operate inside an NSA-tasked SCIF to AR 380-5, AR 380-67, DoDM 5105.21, and ICD 705 standards — badge discipline, two-person integrity, classified discussion only inside spaces rated for it.The SCIF is not a metaphor; it is a physical space accredited by the cognizant security authority under ICD 705 with a specific authorized-use envelope and a Special Security Officer (SSO) who inspects against the accreditation. Badge worn inside, badge in the pocket outside the spaces, badge never on a guard-gate photo on Instagram. Two-person integrity means two people with their own credentials, their own awareness of what is happening — not 'my buddy is in the building somewhere.' Classified discussion stays inside the rated space; the hallway, the smoke pit, the gym, the carpool, and the chow hall all count as outside, even if every person present is cleared. The SF 700 (container info), SF 701 (end-of-day SCIF walk), SF 702 (container open/close log), and SF 153 (classified destruction / transfer) trail you sign tells the truth about whether the spaces were closed correctly. The senior analyst tells you within the first month who the SSO is, which space is rated to which level, and which doors you do not push without permission.
- 02Read SIGINT product traffic on JWICS, SIPR, and NSANet — COMINT, ELINT, FISINT — and write a one-paragraph BLUF a senior analyst can put in front of the watch chief without rewriting.The BLUF (Bottom Line Up Front) is the discipline of leading with the answer, then the confidence, then the sourcing. Three sentences max for a shadow product at your level: what does the traffic say, how confident are you, where is the citation. Apply ICD 203 (Analytic Standards) and ICD 206 (Sourcing) from day one — even at the trainee level. The senior analyst on the position redlines your first ten BLUFs hard; by the fourth or fifth he is signing them through with minor edits; by the tenth he is asking you to draft the BLUF on his product because your habits are cleaner than his. The cherry-analyst mistake is over-writing — five sentences when three would do, qualifiers stacked because you do not yet trust your own confidence call. Read for two hours, write for fifteen minutes. The senior NCO and the team chief notice the cherry whose first ten BLUFs were redlined hard and whose next ten were clean.
- 03Drive the basic analyst tooling on the cryptologic enterprise — query, pivot, plot, log every action, never run on someone else's credentials.The work-role-specific tooling is taught at Goodfellow and re-taught at the team because every team's stack is slightly different. The discipline that does not change: every query, every pivot, every action is logged under your credentials and is auditable. The audit log finds account-sharing; the audit log finds credential reuse; the audit log finds the 'I was just helping' moment when a senior analyst stepped away from his workstation and you pressed the key under his login. Two-person integrity in tooling means each person logs in as themselves. The senior analyst who lets you 'just finish this query' under his credentials is teaching you the wrong lesson — politely log out and log back in under your own. The CCRI (Command Cyber Readiness Inspection) and the quarterly cyber audit close accounts found sharing credentials.
- 04Apply the analytic standards from ICD 203 (sourcing, confidence, alternative analysis) and ICD 206 (sourcing requirements) to anything you produce, even at the trainee level.ICD 203 is the IC-wide analytic tradecraft standard — the five elements grade objectivity, independence of political consideration, timeliness, all-sourcing, and the tradecraft tells (source description, expression and explanation of uncertainty, distinguishing assessment from underlying information, alternative analysis where warranted, customer relevance). ICD 206 governs how you cite the sources behind the assessment. At the trainee level three things matter: cite your sources by enclave and date, name your confidence honestly (low / moderate / high with the analytic basis), mention alternative explanations when the data could support more than one read. The senior analyst and the team chief grade on these before they grade on technical content. Print the five ICD 203 standards; keep them at the position; the cherry whose BLUFs read like ICD standards from day one is the cherry whose products move forward without rewriting.
- 05Sit a position under qualification — shadow the certified analyst, run the JQR / OJT signoff book, ask the question before you press the key, not after.Position qualification is the formal process by which you move from shadow to unsupervised operator. The JQR (Job Qualification Record) book and the OJT (On-the-Job Training) signoff book are the formal record. Each line item is a specific task the certified analyst has watched you do, signed off on, and dated. The book is inspected by the team chief monthly and by the brigade or supported command quality officer periodically. The discipline: do not sign for what you have not done, do not let the senior analyst sign for what he has not watched, treat each signoff as a contract. The audit catches falsified JQR entries faster than most cherries expect, and the team's training authority gets pulled when it is found. Build the habit of asking for signoffs after specific tasks you have demonstrated, not in bulk at the end of a quarter — and keep your own copy of the JQR tracker so you know which line items remain.
- 06Pass the IAT-II prerequisites — DoDM 8140 (Cyberspace Workforce Qualification) gates every position you are trying to qualify on.DoDM 8140 (current edition — verify; the manual succeeded the older 8570 framework and aligned to the NIST NICE workforce model) governs cyberspace workforce qualification. Most 35N positions inside the cryptologic enterprise require IAT-II baseline; CompTIA Security+ CE is the most common funded entry credential. Army Credentialing Assistance via the GoArmyEd / ArmyIgnitED portal (verify the current portal name) funds the voucher and prep materials. Study the official CompTIA exam objectives, work through a prep guide, take practice tests. Plan to test within the first 6 months at your team. The team's IAT compliance officer or the SSO walks you through the credential reporting once you pass. The day the IAT-II deadline passes without you certified, the DoDM 8140 audit pulls you off the position until you re-test — and the senior NCO read of you tracks who needs reminding and who self-drives.
Manuals & References — What Chapters Matter
- ATP 2-22.6 — Signals Intelligence TechniquesThe Army's keystone doctrine for the SIGINT discipline. Read it cover-to-cover your first quarter — the SIGINT framework, COMINT / ELINT / FISINT breakdown, the cryptologic enterprise architecture, tactical SIGINT and theater SIGINT, the relationship between the Army SIGINT workforce and the NSA / CSS enterprise. The senior analyst on the position quotes from ATP 2-22.6 when explaining the discipline; the team chief expects you to know the chapter and section he is referencing.
- FM 2-0 — Intelligence; ADP 2-0 — IntelligenceThe Army's doctrine spine for the intelligence warfighting function. Read FM 2-0 chapters 1-3 your first month — the intelligence warfighting function, the operations process and intelligence integration, the intelligence disciplines. ADP 2-0 is the principles-level companion. The senior rater quotes from these in NCOER block-reads; the BCT or theater intel brigade S2 OIC references them when describing how SIGINT fits inside the broader intelligence enterprise.
- EO 12333 — US Intelligence Activities; DoDD 5240.01 — DoD Intelligence ActivitiesEO 12333 is the executive-order architecture framing every collection authority and oversight requirement you operate under. DoDD 5240.01 is the DoD implementation. AR 381-10 (US Army Intelligence Activities) is the Army implementation with the Procedures 1-15 oversight rules. Read them once at trainee level. The senior analyst, the warrant officer, and the team chief will reference them when explaining why a specific collection or report falls inside or outside the authority envelope. The cherry analyst who freelances outside the envelope is the cherry analyst the CI office sees.
- USSID-series — United States Signals Intelligence DirectivesThe cryptologic enterprise rulebook — the directives governing what your team can collect, exploit, and disseminate. Volumes are FOUO; the senior analyst briefs you on the specific volumes that apply to your work-role. Do not freelance on USSID-governed work; the cost of a USSID violation is a CI inquiry, not a counseling. The discipline at trainee level is to ask 'what USSID covers this' before pressing the key on a borderline action.
- AR 380-5 — Information Security Program; AR 381-10 — US Army Intelligence Activities; AR 381-12 — TARP; AR 380-67 — Personnel SecurityAR 380-5 governs day-to-day classified handling — material classification, marking, handling, storage, transmission, destruction (SF 700 / 701 / 702 / 153). The SSO inspects against AR 380-5. AR 381-10 is the governing reg for Army intelligence activities including Procedures 1-15 (collection on US persons). AR 381-12 is your TARP self-reporting obligation — foreign contacts, foreign travel, suspicious behavior, attempted elicitation, insider-threat indicators inside the published 24-hour / 72-hour windows. AR 380-67 governs personnel security including the SSBI / TS/SCI continuous-evaluation framework.
- ICD 203 — Analytic Standards; ICD 206 — Sourcing Requirements; ICD 705 — SCIF Standards; DoDM 5105.21 — SCI Administrative Security ManualICD 203 governs analytic tradecraft (your BLUFs and products are graded against it). ICD 206 governs sourcing on disseminated products. ICD 705 governs SCIF accreditation — the standard the rooms you work in are built to. DoDM 5105.21 is the SCI Administrative Security Manual — the practical playbook the SSO works from for read-on, read-off, visit certs, and the operational discipline of running an SCI program. Print the ICD 203 standards; keep them at the position.
Standards — How to Hit Each
- STP 34-35N task signoffs and JQR / OJT first-position qualification inside the published timeline — most teams expect first position qualification inside 12-18 months.STP 34-35N (Soldier Training Publication for MOS 35N) is the Army's task-level standard publication for your MOS. The JQR / OJT book is the team's local position-qualification record built on top. Each STP task and each JQR line item is signed by the certified analyst, dated, and inspected by the team chief monthly. Build the habit of asking for signoffs after specific tasks you have demonstrated, not bulk at quarter's end. Keep your own copy of the tracker. The senior analyst who watches you sit a position for a year without driving the signoff book is not the person you blame — that is the cherry's signoff to drive.
- IAT-II baseline credential on the DoDM 8140 list (Security+ CE typical, funded by Army Credentialing Assistance) inside the published window. NCS (National Cryptologic School at Fort Meade) entry-catalog seats consumed as the team slots them.Most teams give cherries 6-12 months from arrival to test for IAT-II. Army Credentialing Assistance through the current portal funds the voucher and prep materials. Study early; test once ready; do not let the deadline slide because the senior NCO did not personally remind you. The NCS at Fort Meade is the IC's training center for cryptologic skills — entry-catalog seats fill from the soldier who asks first. Ask the section sergeant about NCS catalog availability at month six; the cherry who asks is the cherry who fills slots.
- TS/SCI with appropriate polygraph (CI minimum; FS for some compartments) maintained without a derogatory flag — one mishandling incident or one personal-conduct flag and the SSO pulls access that afternoon.Clearance maintenance runs through Continuous Vetting (SEAD 6) and periodic polygraph re-scope cycles. Self-report under AR 381-12 (TARP) and SEAD 3 inside the published windows — foreign contact, foreign travel, name changes, marriage to a foreign national, unexplained affluence, attempted elicitation, suspicious cyber activity, drug or alcohol incidents. The polygraph re-scope cycle is published by your unit's polygraph branch. Live like the clearance matters — because at this rank, in this MOS, it is the credential that carries forward into the rest of the career.
- ACFT 500+ floor — NSA-detail work is sedentary by design; the Army standard does not move.500 is the bare minimum to be left alone; 540+ is where senior NCOs stop reading you as a PT problem. Lift heavy three days a week, run intervals two days a week, focus on grip and core. The 2-mile run is the score-killer in a sedentary MOS — pull your time below 16:30 and you can afford to score moderately on the lifts. The senior NCO and the team chief read the ACFT score as the discipline metric for the rest of the seat. The cryptologic community has worked hard to shed the 'soft' stereotype; do not put it back on the section.
- Annual SAEDA / TARP / cyber awareness / OPSEC / insider-threat / USSID-compliance training complete before suspense — your name on the brigade non-compliance roll is the wrong way to be noticed.The training cycle is published by the brigade S2 / SSO / cyber-awareness shop through JKO / ALMS / unit-specific compliance trackers — verify which one your team uses. Complete each module before the suspense; print or screenshot certificates; send to the training NCO if the team requires manual confirmation. Set calendar reminders 30 days out. Do the trainings on a Wednesday afternoon when the section is quiet, not the Friday before suspense. The cherry analyst whose name lands on the non-compliance roll is the cherry whose next NCS / Foundry seat is the next one revoked.
Technical Mistakes — Concrete Consequences
- Taking a personal electronic device — phone, smart watch, fitness tracker, wireless earbuds — into the SCIF.SSO pulls access that afternoon; CI inquiry under AR 381-20 / DoD 5240.06 runs; AR 380-5 incident report runs months. The file lives on your security record forever and reads at every clearance reinvestigation. The team chief explains the gap to the brigade S2 OIC or the supported command; your seat sits empty for weeks or months. The 30 seconds it takes to lock the device in the entry container is the 30 seconds that protects the rest of the career.
- Logging into a JWICS, SIPR, or NSANet terminal under another analyst's credentials because 'they were right here.'Account sharing is auditable. The audit closes your access permanently and the senior analyst's access for as long as the inquiry runs. The team chief writes a counseling statement; the SSO writes an incident report; the cyber-incident reporting chain under AR 25-2 puts the event on the brigade S6 / S2 incident dashboard. The senior analyst who let you log in under his credentials is in the counseling chain too — and the team's training authority pays through the inquiry window.
- Talking shop in the hallway, the smoke pit, the gym, the carpool, the chow hall, or the BEQ — even shorthand, even to another cleared soldier.Classified discussion outside the rated space is a security incident under AR 380-5 regardless of whether anyone outside the cleared workforce was present. The SSO writes the incident report; the senior NCO writes the counseling statement; the clearance review reads the incident in the next CV cycle. Foreign collection against the cryptologic workforce is real — open-source overhearing happens, and the senior NCOs have stories. The discipline: where you work, what you target, who you support do not leave the SCIF.
- Posting OPSEC-relevant content on social media — unit patch, 'first day at Fort Meade' photo, LinkedIn bullets that name programs by code or target sets.The brigade S2 OIC runs OPSEC reviews of cleared-workforce social media periodically. Your name surfaces on the non-compliance review; the senior NCO and the SSO have a conversation you do not want; the post comes down; and the incident lives in the security file. Foreign collection scrapes LinkedIn and social media for cleared-workforce names — the discipline is operational reality, not paranoia. Set LinkedIn to private, scrub the BCT-graduation Instagram, and do not let the next post happen.
- Pressing a key on a position you are not signed-off on because 'the senior analyst stepped out.'Unsupervised operator action without qualification gets the team's authority pulled and your career ends before E-4. The audit log catches it; the senior analyst is in the counseling chain; the team chief explains the gap to the brigade and supported command. The discipline: if the senior analyst stepped out and the position needs action, call the next certified analyst on the watch bill or tell the senior analyst the team needs to backfill the position. You do not press the key.
Career Decisions at This Rank
- BLC packet timing and slot pursuit.BLC (Basic Leader Course) is the prerequisite to pin SGT and the first NCO Academy gate under STEP per AR 600-8-19. For 35N soldiers the BLC slot is harder to get than line-MOS peers expect because the senior NCOs at your team are reluctant to release you for 22 days when you are sitting an unsupervised position the team spent 18 months qualifying you on. Open the packet conversation with your section sergeant 12 months before you need the slot. The trade-off is real: you lose three weeks of position time and the team backfills the seat; the team chief reads whether the packet was driven by you or chased by the senior NCO. Do not skip BLC because the timing is hard — the SGT board moves regardless of your readiness, and the soldier without BLC at cutoff is the soldier who sits in zone.
- IAT-II credential study and timing — Security+ CE typically.The IAT-II baseline credential is the DoDM 8140 gate to most 35N positions. Most teams give cherries 6-12 months to test. Army Credentialing Assistance funds the voucher and prep materials. Study early — the cherry who treats the credential as a Year One priority is the cherry whose JQR pipeline does not stall when the audit window approaches. Once Sec+ CE is on the wall, the next conversation is the IAT-III credential (CASP+, CISSP-Associate, or platform-specific equivalents on the DoDM 8140 list); for most cherries that conversation is at E-4 or E-5, but the soldier who tests early earns currency with the team and the senior NCO. The trap: failing the test and not retesting promptly. The team chief and senior NCO read the gap; do not let one failure become a six-month delay.
- First re-enlistment window — SRB, CSRB, follow-on assignment, ETS, or Active to Reserve.The first re-enlistment window typically opens 12-18 months before your first contract ends. The Selective Reenlistment Bonus (SRB) per the current HRC SRB MILPER and the Critical Skills Retention Bonus (CSRB) for specific cryptologic / SIGINT skill identifiers vary by MOS, re-up zone, shortage indicator, and follow-on assignment. Pull both current MILPERs before signing. 35N soldiers are often on the CSRB schedule because the MOS is a Critical Skill and experienced-analyst inventory is tighter than cherry-analyst inventory. The trap: signing a 6-year contract to maximize the bonus, then deciding 18 months later you want out. Run the math twice. Talk to your spouse if you have one. Talk to a senior NCO who has been through the re-enlistment cycle. If the re-up math does not work without the bonus, the re-up does not work.
- JQR pace — push for first qualification fast or build depth slowly.Some cherries push hard to clear first work-role qualification inside 9-12 months; some take 15-18 months and build broader technical depth in the shadow phase. The senior NCO and team chief will tell you which pace fits the team. Pushing fast earns currency and gets you to unsupervised position sooner; building slowly earns broader technical credibility but risks the team chief reading you as not driving. There is no universal right answer — it is team-dependent. Ask the senior analyst on your work-role directly: "What pace do you want me at, and how do I know when I am ready to drive an unsupervised position." Then match the pace.
- Marriage / BAH / housing / family-care planning during the first enlistment.Getting married as a junior 35N changes BAH status (barracks-rate to with-dependents) and introduces family-care-plan paperwork, EFMP enrollment if applicable, spouse employment, child care, and the complications of a clearance reinvestigation that now reads marriage status. Marriage to a foreign national is a separate, more involved conversation that requires AR 381-12 and SEAD 3 self-reporting and additional CI / SSO coordination — the foreign-influence Adjudicative Guideline A under SEAD 4 applies. The financial math is real (BAH bump, dependent allocations); the logistical math is also real (family-care plan, Tricare, on-post or off-post housing, spouse employment in a high-clearance community at Meade or Eisenhower). Talk to S1 and ACS in the first week of any major family change. If you are getting married for the BAH bump alone, you and your spouse will be in legal aid within two years. If you are getting married because the relationship is real, the Army's family infrastructure makes it workable.
How the Seat Varies by Unit Type
- 706th MI Group (Fort Meade) — Army element co-located with NSA-WashingtonThe 706th MI Group is the Army element at NSA / CSS Washington at Fort Meade — the largest Army cryptologic concentration outside Fort Eisenhower. As a cherry 35N at the 706th, you sit on an NSA-tasked analytic line alongside Navy CTRs, Air Force 1Ns, Marines, NSA civilians, and contractors. The technical work is SIGINT-deep; the joint workforce density is the highest in the MOS; the senior NCO and warrant bench is deep. The cost: Fort Meade BAH is high, the cost of living in the DMV is high, and the commute inside the NSA campus is real.
- INSCOM theater intelligence brigade — 470th (JBSA-Fort Sam Houston), 500th (Schofield Barracks), 501st (Korea), 66th (Wiesbaden Germany)Theater intel brigades are operational-strategic seats supporting CCMD J2s — 470th supports SOUTHCOM / CENTCOM-adjacent SIGINT problems, 500th supports INDOPACOM, 501st supports the Korea theater, 66th supports EUCOM. The shop is bigger than a BCT MICO, the products travel further (CCMD J2 audience, IC-wide dissemination), and the analytic standards are applied at the source-level standard the IC publishes. The 207th MI BDE (Africa) is the AFRICOM-aligned counterpart. Cherry seats at theater intel brigades typically come with specific work-role assignment matching brigade need.
- 780th MI Brigade (Fort Eisenhower) — Army cyber brigade, cyber-SIGINT fusion floorThe 780th is the Army's cyber brigade at Fort Eisenhower (renamed from Fort Gordon in 2023). The 781st MI Battalion (Vanguard) and 782nd MI Battalion (Cerberus) sit under the 780th. The brigade runs Army-side Cyber Mission Force teams alongside USCYBERCOM and the joint cyber enterprise. The cyber-SIGINT fusion line is where 35N analytic work integrates with 35Q and 17C operations work. The OPTEMPO is high; the senior NCO and warrant bench (350F, 353-series, 170A) is deep. Fort Eisenhower also hosts ARCYBER and the Cyber Center of Excellence.
- Cyber Mission Force team detached to NSA-Hawaii (Kunia) / NSA-Texas (San Antonio) / NSA-Colorado (Aurora)CMF teams are joint formations detached to NSA Cryptologic Centers at named locations. The Army NCO chain runs through the parent brigade (often the 706th or 780th); the daily operational chain runs through the team chief at the NSA-co-located site. The work is mission-set-specific to the team and the supported COCOM. Hawaii is paradise with brutal cost of living; Texas is San Antonio with the BAMC / Fort Sam Houston military density; Colorado is altitude and proximity to USNORTHCOM. The cherry experience is more compartmented than at a brigade.
- National detail — NSA enterprise team alongside civilian analystsA small number of cherry 35Ns land on national detail seats — embedded on an NSA enterprise team with civilian analysts (GS-12 / 13 / 14) and contractors. The technical work is IC-wide; the team may have one or two Army uniformed soldiers and a much larger civilian bench. The cherry experience is unusual — you are the junior member of an analytic line grading itself against ICD 203 every day, and the senior civilian analyst is your senior analyst in practice. The Army NCO chain feels distant; the team chief at NSA is your daily reality. Most cherries on national detail go through a training-and-mentorship cycle before sitting unsupervised positions.
What Good Looks Like at This Rank
Preview — The Next Rank
35N E1-E3 — Frequently Asked Questions
Q01What does a E1-E3 35N (Signals Intelligence Analyst) actually do?
Q02What's the most important thing to know as a E1-E3 35N?
Q03What does a typical day look like for a E1-E3 35N?
Q04What mistakes get E1-E3 35N soldiers fired or relieved?
Q05What career decisions matter most at the E1-E3 35N rank tier?
Q06What's next after E1-E3 for a 35N (Signals Intelligence Analyst) in the Army?
Q07What manuals and regulations does a E1-E3 35N need to know cold?
This playbook has no tips yet. Be the first to share what you know.