Cryptologic Network Warfare Specialist
E-8 to E-9 (Senior NCO) · Army
First Sergeant of an MI company at the 780th MI Brigade, the 706th MI Battalion, the INSCOM major subordinates, or a USAICoE / Cyber Center of Excellence training company is where the MI company commander, the brigade CSM, and the team chief at NSA stop being able to run the company without you — 90-130 cryptologic / cyber operators, analysts, signals soldiers, the SCIF footprint, the orderly room, the supply room, the security clearances, the polygraph re-scope tracker, and the readiness reporting under operational tempo. Master Sergeant on the staff track is the parallel E-8 path. Sergeant Major and Command Sergeant Major (E-9) are the apex enlisted ranks of the cryptologic / cyber community. USASMA at Fort Bliss is the institutional gate to SGM. Beyond E-9 there is no rank, only positions and the post-service market — and the 35Q IC-civilian conversion market at NSA-CSS / DIA / CIA / USCYBERCOM is the strongest enlisted post-service pipeline in the Army.
- 01E-8 pin-on: post-MLC at NCOLCoE Fort Bliss, post-centralized HRC MSG / 1SG board selection, post-CSM-confirmed 1SG slate (if 1SG track).
- 02First Sergeant diamond tour at an MI company with a cryptologic / cyber mission set — 780th MI Brigade at Fort Meade, 706th MI Battalion at the Cyber Center of Excellence at Fort Eisenhower, INSCOM major subordinates (902nd MI Group, NGIC, other INSCOM ops), or USAICoE / Cyber Center of Excellence training company (running the 334th MI Battalion AIT pipeline at NIOC Corry Station, USAICoE OSUT/AIT companies at Fort Huachuca, or Cyber Center of Excellence training companies at Fort Eisenhower). 24-36 months.
- 03Or MSG staff track — brigade S-2 NCOIC at MSG, CMF team senior enlisted billet, INSCOM operations sergeant, joint-duty senior NCO at NSA-CSS / DIA / CIA / USCYBERCOM / JCS J2 / Pentagon, ARCYBER senior MI NCO at Fort Eisenhower, USAICoE / Cyber Center of Excellence senior cadre, USASMA preparatory faculty.
- 04U.S. Army Sergeants Major Academy (USASMA) at Fort Bliss — 10 months of senior NCO institutional development. The STEP gate for SGM.
- 05E-9 pin-on: SGM (staff) or CSM (command) — separated by the assignment slate, not the pin-on board.
- 06Battalion CSM at an MI battalion at the 780th MI Brigade or the 706th MI Battalion, then brigade CSM at the 780th MI Brigade (apex slate for the cryptologic / cyber senior CSM community) or 902nd MI Group, then potentially division-level senior intel CSM, INSCOM senior CSM, USAICoE / Cyber Center of Excellence CSM, ARCYBER senior MI CSM, or joint-duty senior enlisted billet at NSA-CSS / DIA / CIA / USCYBERCOM / JCS J2 / Pentagon.
- 07Retirement at 24-30 years TIS — full pension under BRS, TSP compounded, post-service market entry at the strongest enlisted post-service pipeline in the Army (GG-14 / GG-15 IC civilian conversion at NSA-CSS / DIA / CIA / USCYBERCOM, senior cleared-contractor program-manager / partner tier at Leidos / Booz Allen / MITRE / CACI / ManTech / SAIC at $200-300K, consulting / advisory partner-director tier).
- ×DUI / Article 15 / fraternization / drug pop / financial issue surfacing on the SF-86 reinvestigation at this rank — terminal in nearly every case, and structurally more terminal in the cryptologic / cyber community than in the line-MOS community because the clearance reinvestigation cycle reads any of these as derogatory information that pulls the TS/SCI with polygraph. The senior NCO who cannot pass the integrity test cannot pin SGM regardless of board score; the brigade CSM and HRC G-1 pull the slate immediately. The senior cryptologic / cyber NCO community is small; the read propagates inside the community within a quarter through the senior NCO network at INSCOM, ARCYBER, the 780th MI Brigade, the 706th MI Battalion, and the IC-detail billets. The collateral damage is real: the soldiers the compromised senior NCO mentored carry the read at the next clearance-reinvestigation cycle, and the IC-civilian conversion path is closed for the senior NCO permanently.
- ×Phoning the 1SG diamond tour at an MI company. The brigade CSM at the 780th MI Brigade or the BCT S2 OIC and the brigade S2 SGM are watching the company's climate, the UCMJ rate, the retention rate, the SHARP / EO findings, the SCIF accreditation result under ICD 705, the IC IT compliance result under ICD 503, the DoDM 8140 workforce qualification audit result, the warrant officer accession rate, and the clearance-reinvestigation flag rate. A 1SG who lets any of these slide does not pin MSG promotable on the staff track and loses the brigade CSM's defense at the next senior NCO slate.
- ×Missing USASMA / Sergeants Major Academy slot at Fort Bliss. No SGM pin-on through the line-CSM track without USASMA; the institutional gate is real and slot availability narrows as the year-group approaches the SGM zone. The senior cryptologic / cyber NCOs who treat USASMA as optional do not pin SGM through the regular slate; the brigade CSM at the 780th MI Brigade reads USASMA as the institutional gate to the senior cryptologic / cyber CSM slate, and the senior NCO who pinned MSG without USASMA pins SGM via the non-resident path at a structurally lower tier of slate access.
- ×Public disagreement with the CO, BN CSM, BCT S2 OIC, team chief at NSA, or senior IC-civilian advisor at NSA-CSS. Senior NCOs disagree in the office and walk out aligned in public. The senior cryptologic / cyber NCO who breaks this is the senior NCO who loses the brigade CSM's defense at the next slate. At the cryptologic / cyber community scale, the read propagates fast through the brigade CSM bench at the 780th MI Brigade and the senior NCO network at INSCOM, ARCYBER, USCYBERCOM, and the IC-detail billets — the slate read at the next senior cryptologic / cyber NCO board catches the gap inside a quarter.
- ×Underestimating the IC-specific post-service market planning window. The senior 35Q NCOs who landed the best post-service careers planned 24-36 months ahead — TS/SCI with polygraph maintained through retirement, Foundry senior catalog and Strategic Intel Course at USAICoE completed, joint-duty credit at NSA-CSS / DIA / CIA / USCYBERCOM / JCS J2 / Pentagon, IC contractor relationship building at AFCEA / INSA / IC industry conferences (the cyber-intelligence and threat-intelligence consulting markets specifically), federal civil service / GS billet conversion conversations with INSCOM / NGIC / NSA / DIA HR, direct IC civilian conversion conversations with NSA / DIA / CIA / USCYBERCOM HR. The senior NCO who waits until retirement-orders date to start the conversation lands in the lower tier of available billets — and the 35Q market has tiers that don't exist for line-MOS senior NCOs, so the SFC / MSG / SGM who plans early lands at the GG-14 / GG-15 IC civilian conversion tier or the senior cleared-contractor program-manager / partner tier, and the one who doesn't lands at the senior analyst or program-manager tier.
A Day in the Life
- 0500Wake. PT uniform on. Phone check — overnight company / brigade emergencies. Soldier in jail? Family deathgram? CO emergency? Team chief at NSA needs a 0530 SITREP on the overnight CMF operational tempo event? Brigade S2 SGM needs a back-brief on the warrant officer accession board results that dropped overnight? Clearance-reinvestigation flag on a senior soldier needing the SSO and senior officer chain coordinated by 0700? Polygraph re-scope finding on a SFC needing the senior officer chain coordinated? You are the senior cryptologic / cyber NCO the entire MI company or brigade staff looks to first. The CO hears about it as you walk into the orderly room.
- 0530PT formation. You report company accountability to the CO and the BN CSM. The brigade CSM at the 780th MI Brigade or the BCT CSM occasionally walks the formation; he reads the cryptologic / cyber MI company or brigade S2 staff by reading the 1SG / MSG / SGM.
- 0545-0700Unit PT. You run the company's plan with the CO, or you run the brigade staff senior NCOs through the brigade-level PT plan. You walk the formation, check on soldiers from the last sensing session, adjust the SFC platoon sergeants as the day evolves. The 35Q PT culture problem is real at the senior NCO level — the senior cryptologic / cyber NCO who runs serious PT is the senior NCO the brigade CSM names; the one who skates is the senior NCO whose company's ACFT pass rate is below brigade average and visible to the BCT CDR.
- 0700-0900Hygiene, breakfast, change to OCPs or appropriate access-uniform. You spend 20 minutes with the CO — the day's priorities, the BN BUB items, the BCT S2 OIC's overnight items, the BCT CSM's items, the brigade S2 SGM's items, the team chief at NSA's items if the company is on a CMF tasking. The SCIF opens at 0700-0800; the section watch NCOs are already in.
- 0900First formation. The CO addresses the company; you stand behind him. The SFC platoon sergeants translate the company's tasks to their platoons or sections. You verify execution during the morning walk-around through the SCIF, the orderly room, the supply room, the company arms room.
- 0915-1130Battalion / brigade-level work. You are at the BN BUB with the CO, at the BCT S2 OIC's office reviewing the morning's cryptologic / cyber products, at brigade HQ for a 1SG council meeting with the BCT CSM and the other 1SGs, at the brigade S2 SGM's office for the monthly SGM-bench conversation if applicable. RFI dialogue with the supporting CMF team chief at NSA or the parent INSCOM detachment runs in this window. Warrant officer accession board MILPERs review with the SFC bench candidates in the company. SCIF accreditation under ICD 705 prep cycle reviews with the SSO. DoDM 8140 workforce qualification audit prep with the senior signal NCO and the ISSO.
- 1130-1300Chow. You eat with the BN command team — the CO, the BN CO, the BN CSM if he stops in, the other 1SGs from the brigade. Conversation is battalion- and brigade-level: training, slates, brigade CSM read, climate. The brigade S2 SGM occasionally joins; senior CW3 / CW4 352N warrant officers from the brigade S2 shop or senior CW3 / CW4 170A Cyber Warfare Technicians occasionally join the senior NCO table.
- 1300-1500Afternoon work. NCOER drafting (you write your four-to-five SFC platoon sergeants' NCOERs and review the company-level NCOER profile for the SSG / SGT bench input). Climate-survey results review with the CO. Soldier-in-crisis intervention if needed — the 35Q-specific clearance-reinvestigation crisis is the recurring senior cryptologic / cyber NCO call that line-MOS senior NCOs face at lower rates; the polygraph re-scope finding intervention is the 35Q-specific call. Warrant officer packet mentorship calls with the SFC pipeline candidates; 17A commissioning packet mentorship calls with the SSG / SFC bench candidates.
- 1500-1630Final formation. The CO briefs; you brief company-level adjustments; your SFCs brief their platoons or sections. Sensitive items, end-of-day accountability, classified material sign-out / sign-in audit, SCIF closure protocols with the SSO and the senior signal NCO. The CO and you walk the line on critical end items.
- 1630-1800Company release. You stay 60-90 minutes with the CO — AAR on the day, prep for tomorrow, BN CSM coordination if needed, BCT S2 OIC coordination if the day had a brigade-level analytic or operational event, team chief at NSA coordination if the company is on a CMF tasking. The 1SG who closes out the day with the CO is the 1SG whose CO does not surprise the BN CO or the brigade S2 SGM.
- 1800-2000Personal time. Married 1SGs: family. Single 1SGs (rare at this rank): gym, study, USASMA fellowship packet build if SGM-track. If you are 18-24 months out from the centralized SGM board, you are reviewing past board results and bullet patterns with senior cryptologic / cyber NCO mentors. If you are 12 months out from retirement, you are running the post-service market conversation — Leidos / Booz Allen Hamilton / MITRE / CACI / ManTech / SAIC senior recruiters at the principal-analyst / program-manager / partner tier, federal civil service GS-13 / GS-14 / GS-15 USAJOBS pipeline, IC civilian conversion conversations with NSA-CSS / DIA / CIA / USCYBERCOM HR (the highest-tier path with SES inflection over 5-10 years for the senior cohort), AFCEA / INSA conference networking, the cyber-intelligence and threat-intelligence consulting firm partner-tier conversations.
- 2000-2200After-hours coordination with the CO, the SFCs, or a soldier in crisis. The 1SG's phone is always on. Family-emergency calls, after-duty Article 15 notifications, casualty-notification preparation, clearance-reinvestigation crisis intervention, polygraph re-scope finding intervention, CI compromise response coordination with the 902nd MI Group at Fort Meade. The 1SG who lets the phone go to voicemail at this rank stops being the 1SG the CO trusts.
- 2200Lights out.
- Operational tempo / real-world contingencyThe clock collapses. You are the senior enlisted face of the company / brigade staff / CMF team Army-side enlisted component during a contested operational tempo event, a brigade-level cyber exercise, a JRTC / NTC / JMRC / JPMRC rotation supporting another brigade with cryptologic / cyber augmentation, or a real-world contingency tasking. The OC/T evaluator at the CTC writes the company's or brigade's grade. The brigade CSM at the 780th MI Brigade reads it. The slate at the next senior NCO board reads it.
Weekly Cadence
Key Skills — How to Drill Each
- 01Run an MI company, brigade, or CMF team enlisted readiness picture — JQR currency, IAT-II/III, language proficiency (DLPT) where applicable, work-role qualification, polygraph re-scope tracker — and defend it at the brigade CDR, INSCOM CG, team-chief, or COCOM J2 level.The senior cryptologic / cyber NCO at 1SG / MSG / SGM owns the unit-roll-up at the institutional level. As 1SG of an MI company at the 780th MI Brigade or the 706th MI Battalion you own the company-level certified-soldier roster, the work-role qualification pass rate by soldier and by section, the Foundry catalog utilization rate, the DoDM 8140 workforce qualification audit result, the IAT-II / IAT-III credential currency rate, the polygraph re-scope tracker output, the language proficiency posture (DLPT scores for the foreign-language-coded soldiers where applicable), the warrant officer accession pipeline output. As MSG at brigade S2 NCOIC or CMF team senior enlisted billet, you own the brigade-level or team-level rollup. As SGM at INSCOM / the 780th MI Brigade / NSA-CSS / DIA / CIA / USCYBERCOM you own the higher-echelon rollup. Brief it to the BCT CDR, the brigade CDR at the 780th MI Brigade, the INSCOM CG, the team chief at NSA, the senior IC-civilian advisor at NSA-CSS, the J2 of a JTF or COCOM in language the senior officer can defend at the next higher echelon. The senior NCO who can make the senior officer say it back correctly at the next echelon is the senior NCO the division CSM and the SMA-bench network read.
- 02Mentor a 352N warrant-officer-technician slate and a 17A Cyber Warfare Officer commissioning slate at brigade or higher staff level — and produce 1+ selected candidate per year out of the unit.The 35Q warrant officer accession pipeline (352N SIGINT Analysis Technician where applicable) and the 17A Cyber Warfare Officer commissioning pipeline are the senior cryptologic / cyber NCO's most consequential institutional contributions. At brigade or higher staff you are the senior mentor for the SSG / SFC bench through the packet build. Quarterly counseling on the packet timeline; senior officer endorsement coordination with the brigade S2 OIC and the warrant officer recruiting team at Fort Knox; NCOER bullet review for the rated soldier in the pipeline; honest selection-rate conversations (sub-50% in some cohorts per the published HRC accession board results); family-separation cost analysis for WOCS at Fort Novosel and technician WOBC at Fort Huachuca; post-service market analysis for the warrant-track tier vs the enlisted-track-with-IC-conversion tier. The senior cryptologic / cyber NCO whose unit pipeline produces 1+ selected warrant officer or 17A commissioning candidate per year is the senior NCO the brigade CSM at the 780th MI Brigade names in the senior cryptologic / cyber NCO slate read.
- 03Brief the BCT, brigade CDR at the 780th MI Brigade, INSCOM, ARCYBER, USCYBERCOM, division CG, or COCOM J2 on enlisted cryptologic / cyber readiness in language the senior officer can defend at the next higher echelon.The 90-second BUB brief or 5-minute senior staff brief. Build the analogy library that scales from MI company to brigade to division to INSCOM to USCYBERCOM to COCOM J2 — workforce certification posture (DoDM 8140 work-role qualification rate, IAT-II/III credential currency, Foundry catalog completion rate), warrant officer / 17A commissioning accession rate, SSG / SFC bench depth (SLC graduate rate at the Cyber Center of Excellence, MLC packet pipeline status at NCOLCoE Fort Bliss), SCIF accreditation posture under ICD 705, IC IT compliance posture under ICD 503, clearance-reinvestigation flag rate, polygraph re-scope cycle status, DLPT language proficiency posture for the language-coded soldiers, joint-duty credit posture for the senior NCO bench. The senior cryptologic / cyber NCO who can deliver the brief at every echelon without losing the analytic precision is the senior NCO the division CSM, the brigade CSM at the 780th MI Brigade, and the SMA-bench network read.
- 04Run a SCIF accreditation cycle (ICD 705), an IC IT compliance cycle (ICD 503), and a DoDM 8140 workforce-qualification audit end-to-end without senior-NCO-attributable CAT-1 findings.ICD 705 governs SCIF physical security accreditation; ICD 503 governs IC IT systems security risk management; DoDM 8140 governs the cyber workforce qualification framework. At the senior cryptologic / cyber NCO level you are not running the artifact work (the SSO and the GS-13 ISSO and the SFC senior signal NCO and the section NCOICs do that), but you are signing the unit's compliance posture, you are briefing the BCT CO or the brigade CDR at the 780th MI Brigade or the team chief at NSA on the SCIF accreditation status, the IC IT compliance status, and the DoDM 8140 workforce qualification audit status, and you are accountable for the audit finding. Quarterly internal inspections against the same checklist the external inspectors use; closure of findings before the external inspection; brigade S2 OIC and senior officer sign-off on closure documents; SSO partnership throughout. The senior cryptologic / cyber NCO whose tenure includes a CAT-1 finding on the unit's SCIF accreditation, IC IT compliance, or DoDM 8140 workforce qualification audit carries that finding into the next NCOER's senior rater commentary and into the slate read at the next senior NCO board.
- 05Translate the Army Intelligence Enterprise / INSCOM / ARCYBER / USCYBERCOM strategy into enlisted-talent decisions at the unit — slots, schools, assignments, retention bonuses, polygraph re-scope sequencing, language-program coordination.The senior cryptologic / cyber NCO at brigade and higher echelons is the institutional translator between the Army Intelligence Enterprise strategy (the INSCOM strategy, the ARCYBER strategy, the USCYBERCOM senior staff communications, the USAICoE and Cyber Center of Excellence pipeline updates, the SMA-bench MI senior NCO communications) and the unit-level enlisted talent decisions. Foundry senior catalog slot allocation, USAICoE / Cyber Center of Excellence seat sequencing (SLC for the SSG bench, MLC packet timing for the SFC bench, USASMA fellowship for the MSG bench), 352N warrant officer pipeline allocation, 17A commissioning pipeline allocation, language-program coordination with DLI Monterey for the foreign-language-coded soldiers where applicable, retention bonus targeting (the MOS-specific retention bonuses for 35Q published in the current SRB MILPERs, with the bonus tier varying by retention tier and time in service), polygraph re-scope sequencing (the 5-year reinvestigation cycle managed at the company / brigade level to minimize operational impact), assignment-slate input to HRC for the SSG / SFC / MSG bench. The senior cryptologic / cyber NCO who translates the strategy into senior enlisted talent decisions is the senior NCO the brigade CSM at the 780th MI Brigade and the SMA-bench network read.
- 06Run a casualty notification, clearance-reinvestigation crisis, CI compromise response, or insider-threat referral inside a closed-access workforce with the dignity and discretion the population and the mission require.Casualty notification protocol is in AR 638-8. The casualty notification team is a senior NCO (often the 1SG) plus a chaplain. You wear Class A; you knock; you deliver the message verbatim from the SECARMY-approved script. You stay until the family is ready for you to leave. The 35Q-specific addition: in a closed-access workforce, the family knows the soldier worked in a SCIF and may not know the details — discretion on the mission specifics is the discipline. The clearance-reinvestigation crisis (a soldier whose SF-86 reinvestigation surfaces a financial issue, foreign contact, or unreported foreign travel that pulls the TS/SCI with polygraph) is the 35Q-specific senior NCO call — coordinate with the SSO, the brigade S2 OIC, the SF-86 reinvestigator at the CCF (Central Clearance Facility) or the IC equivalent, and the soldier's chain of command; the senior NCO walks the soldier through the appeal process or the clearance-loss separation process with the same dignity as the casualty notification. The CI compromise response (a soldier whose access surfaces in a CI investigation) is the rare but real senior cryptologic / cyber NCO call — coordinate with the 902nd MI Group CI investigators at Fort Meade, the SSO, the brigade S2 OIC, and the senior officer chain; never freelance. The insider-threat referral (a soldier whose behavior surfaces a TARP indicator under AR 381-12) runs through the same chain.
Manuals & References — What Chapters Matter
- AR 600-20 — Army Command Policy; AR 27-10 — Military Justice.You and the CO own the regulation together. SHARP (chapter 7), EO (chapter 4), anti-extremism (chapter 5), military justice (chapter 6) — your name is on every initial company-level report. AR 27-10 is the military justice reg; you are in the room when an Article 15 packet runs through the BN CSM's office. Re-read both annually; they change. In the cryptologic / cyber community, the SHARP / EO / climate-survey response is structurally heavier than in line-MOS communities because the closed-access workforce dynamics create reporting friction the senior NCO has to actively counter — the 24/7 watch cycle in the SCIF concentrates the section-level senior NCO authority in ways that require active SHARP / EO climate monitoring at the company level.
- AR 381-10 — US Army Intelligence Activities; AR 381-12 — Threat Awareness and Reporting Program (TARP); AR 380-5 — Information Security; AR 25-2 — Army Cybersecurity.The Army-side compliance regs the unit lives under. AR 381-10 is the US persons / intelligence activities reg — the one the IG inspects against in cryptologic / cyber units, and the senior NCO at 1SG / MSG / SGM signs the unit's compliance posture. AR 381-12 is the TARP indicator-and-warning reporting requirement (the senior NCO is in the chain when a TARP indicator surfaces on a soldier). AR 380-5 is the classified material handling reg; AR 25-2 is the Army's cybersecurity reg. The 35Q-specific senior NCO owns the unit's compliance roll-up under the senior officer's signature, with the SSO and the senior signal NCO as the artifact-work partners.
- ICD 503 — IC IT Risk Management; ICD 705 — SCIF Accreditation; ICD 203 / 206 / 208 — Analytic Standards (you teach these now).The IC-level standards the unit runs under. ICD 705 governs SCIF accreditation — physical security, TEMPEST, access control. ICD 503 governs IC IT systems security risk management — the cybersecurity framework the classified IT footprint runs under. ICD 203 / 206 / 208 are the analytic-tradecraft standards; at the senior NCO level you teach these to the SFC / SSG bench and grade against them in the NCOER bullet review. Senior cryptologic / cyber NCOs at 1SG / MSG / SGM quote these documents by paragraph in the senior staff briefings and the senior officer chain reads the unit's posture through the senior NCO's signature.
- JP 2-0 — Joint Intelligence; JP 2-01 — Joint and National Intelligence Support to Military Operations; JP 3-12 — Cyberspace Operations; INSCOM / ARCYBER / USCYBERCOM / DIA / NSA-CSS issued FRAGOs and ALARACTs.The strategic context the senior cryptologic / cyber NCO is on the distribution for. JP 2-0 / JP 2-01 are the joint-side reading the J2 of a JTF and the J2 of a COCOM quote from. JP 3-12 is the joint cyberspace operations doctrine the team chief at NSA and the senior officer chain at USCYBERCOM quote in the operational planning cycles. INSCOM ALARACTs are the Army's senior MI command operational tasking; ARCYBER ALARACTs affect the cryptologic / cyber community's cyber-readiness posture; USCYBERCOM senior staff communications affect the joint cyber-mission force tasking; DIA and NSA-CSS-issued tasking and policy memos affect the cryptologic / cyber community's IC-detail billets. At SGM / CSM level you are not just on the distribution — you are quoted by the senior cryptologic / cyber NCO bench when the strategic context changes.
- AR 638-8 — Army Casualty Program.Every senior NCO must know this. The casualty notification, casualty assistance, line-of-duty determinations, and survivor benefits programs run through AR 638-8. The 1SG / SGM / CSM walks the family through some of the worst days of their lives; the reg is the procedural anchor. In the cryptologic / cyber community the closed-access-workforce dynamic adds discretion requirements that the line-MOS 1SG doesn't face — the family knows the soldier was in a SCIF and may not know the details, and the senior NCO walks the line between the dignity the family deserves and the mission-specifics discretion the IC requires.
- DoDM 5105.21-series — Sensitive Compartmented Information Administrative Security Manual; DoDM 8140 — Cyberspace Workforce Qualification and Management.The DoD-level manuals that govern the unit's SCI administrative security posture and the cyber workforce qualification posture for the unit's IAT-II / IAT-III / CSSP-credentialed soldiers. At the senior cryptologic / cyber NCO level you sign the unit's compliance roll-up alongside the SSO and the senior signal NCO chain. DoDM 8140 specifically is the framework the senior NCO at 1SG / MSG / SGM defends the unit's readiness against in the audit cycle; the senior NCO quotes it by paragraph in the senior staff briefings.
- The 1SG Course / USASMA / SGM-A reading list; USAICoE / Cyber Center of Excellence senior leader publications.You are expected to consume doctrine and translate it down. The 1SG Course at the USASMA preparatory level; USASMA itself at Fort Bliss (10 months for SGM-track senior NCOs); the SMA-published professional reading list (updated annually); the USAICoE senior leader publications (the MI Corps' senior-leader doctrine and pipeline updates); the Cyber Center of Excellence senior leader publications (the cyber-aligned career field's senior-leader doctrine). These are the institutional development products the brigade CSM at the 780th MI Brigade and the SGM-bench mentors quote.
Standards — How to Hit Each
- USASMA / SGM-Academy completion before competing for command CSM slate.The Sergeant Major Course is the 10-month resident program at the USASMA at Fort Bliss. Selection-based via the SMA-selected fellowship list. The brigade CSM nominates; the SMA confirms. Plan the packet 24-36 months out from SGM-board eligibility; the institutional credentials (MLC at NCOLCoE Fort Bliss, joint duty at NSA-CSS / DIA / CIA / USCYBERCOM / JCS J2 / Pentagon, brigade-level senior cryptologic / cyber NCO tour at the 780th MI Brigade or the 706th MI Battalion or the INSCOM major subordinates), NCOER profile, and senior rater commentary all compound into the nomination decision. Without USASMA, no CSM slate consideration through the regular HRC slate process for the line-CSM track at the 780th MI Brigade or the senior MI battalion CSM slate.
- Brigade-level SCIF accreditation pass under ICD 705 and DoDM 8140 workforce qualification audit pass without senior-NCO-attributable CAT-1 findings during your tenure.The senior cryptologic / cyber NCO at 1SG / MSG / SGM owns the unit's SCIF accreditation posture and DoDM 8140 workforce qualification audit posture rolled up to the senior staff. The senior NCO whose tenure includes a CAT-1 finding on either carries that finding into the next NCOER's senior rater commentary and into the slate read at the next senior NCO board. The fix is the deliberate inspection cycle — quarterly internal inspections against the same checklist the external inspectors use, closure of findings before the external inspection, brigade S2 OIC and BCT CO sign-off on the closure documents, SSO partnership throughout, senior signal NCO and ISSO partnership on the IT compliance side.
- 352N / 17A commissioning pipeline producing 1+ selected per year from your unit or section.Mentor 2-3 SSG / SFC packets per fiscal year. The HRC warrant officer accession board reads paper twice yearly (Active and Reserve / National Guard cycles, with the board windows published in the warrant officer recruiting MILPERs). The 17A commissioning programs (Green-to-Gold, OCS, direct commissioning) run on their respective annual cycles. The senior cryptologic / cyber NCO whose pipeline produces 1+ selected warrant officer or 17A commissioning candidate per year is the senior NCO whose institutional contribution is on the slate read at MSG / 1SG / SGM / CSM level. The 35Q-specific institutional contribution is one of the most consequential measures of senior NCO performance — the cryptologic / cyber warrant officer and officer accession pipelines are smaller in absolute numbers than the line-MI pipelines, and the institutional contribution reads heavy.
- NCOER profile that the senior rater can defend at brigade, division, INSCOM, ARCYBER, USCYBERCOM, and team-chief-equivalent staff — your rated NCOs are picking up 1SG / SGM chevrons on schedule.The senior rater profile at this rank is judged by whether the SFCs you rated as Top Block / Most Qualified actually got selected at their respective boards. If your SFCs are not pinning MSG at the rates your NCOER profile implied, the brigade CSM at the 780th MI Brigade and the HRC G-1 pull back on your defense. The way to keep the profile defensible is honest writing — write to AR 623-3, not to inflation. The senior cryptologic / cyber NCO whose rated soldiers' selection rate matches the senior rater profile is the senior NCO whose institutional credibility compounds at the SGM / CSM slate read.
- Zero senior-NCO-level integrity, financial, fraternization, OPSEC, polygraph-falsification, or CI incidents. One ends the career permanently — and at this rank, in this MOS, also threatens the clearance of everyone you mentored.Senior NCO integrity is binary at this level, and the 35Q-specific addition is that the senior NCO whose clearance gets pulled creates collateral damage across the soldiers he rated and mentored — the clearance-reinvestigation cycle re-reads every soldier the compromised senior NCO had access-overlap with, and the polygraph re-scope process surfaces the read in a way that the IC-civilian conversion path closes for the affected soldiers. Financial mismanagement (debt the CO has to counsel you about, garnishments at senior NCO pay grade, unreported foreign-asset issue on the SF-86), fraternization findings (relationships across the NCO/officer line or with subordinates), OPSEC violations (the senior NCO who posts unit information that surfaces in the brigade IG report or, worse, on social media that gets picked up by the OSINT cell), polygraph-falsification (the rare but career-terminating finding when the polygrapher catches a deliberate falsification on the re-scope), CI compromise (a foreign-contact issue, an unreported foreign travel issue, an unreported financial relationship with a foreign national) — any one is terminal. The CSM and the brigade commander do not protect senior NCOs through integrity failures at this rank, and the clearance system does not protect them either.
Technical Mistakes — Concrete Consequences
- Pretending to be the senior technical voice on a work-role you have been off of for years.Senior cryptologic / cyber NCOs lose authority by faking depth — the warrants and the GS-13 / GS-14 IC civilians will catch you the first week. The cert and credential stack you built at SSG / SFC is 5-15 years old at the 1SG / SGM rank; the SSGs in the shop are touching newer NSA-tasked tools, newer analytic platforms, newer ICD updates, newer DoDM 8140 work-role qualification frameworks, newer USAICoE / Cyber Center of Excellence doctrine cycles. The fix is honest self-assessment and deliberate continuing-education — Foundry senior catalog continuing seats, Strategic Intel Course refresher at USAICoE, ICD update reads, USAICoE / Cyber Center of Excellence senior leader publications consumed quarterly, AFCEA / INSA tradecraft workshop attendance when the slot opens. The senior cryptologic / cyber NCO who tries to bluff technical depth in front of the SFC bench or the 352N / CW3-CW4 warrant officer chain or the GS-13 / GS-14 senior IC-civilian advisor at NSA-CSS is the senior NCO whose institutional credibility erodes inside the shop the first week.
- Letting a 1SG-led MI company drift on SCIF accreditation, DoDM 8140 workforce qualification, or insider-threat reporting because 'the SSO will catch it.'You own it; the SSO is your partner, not your replacement. The 1SG of an MI company is accountable for the company's SCIF accreditation posture under ICD 705 alongside the company commander; the brigade CSM at the 780th MI Brigade reads the company's ICD 705 accreditation result, the ICD 503 IC IT compliance result, and the DoDM 8140 workforce qualification audit result through the 1SG's signature. The 1SG who delegates the SCIF compliance to the SSO and the senior officer chain is the 1SG whose company's accreditation finding is on the senior rater commentary. The fix is monthly SCIF readiness review with the CO, the SSO, the senior signal NCO, and the ISSO; quarterly internal audit against the external inspection checklist; immediate closure of findings.
- Treating the 352N / 17A commissioning slate conversation as transactional.The 352N warrant officer career and the 17A Cyber Warfare Officer career are among the most consequential technical careers in the Army; mentor them like it is. The senior cryptologic / cyber NCO who pitches the packet without the honest selection-rate conversation (sub-50% in some cohorts), the family-separation cost analysis (WOCS at Fort Novosel + technician WOBC at Fort Huachuca for 352N = months of family separation; 17A path varies by accession route), and the post-service market analysis (the warrant officer career compounds over 20-30 years; the 17A career compounds in a different vector; the enlisted-track-with-IC-conversion path compounds in a third vector), is the senior NCO who burns soldier-trust when the SFC who built an 18-month packet does not get selected. The fix is the honest mentor conversation — the packet is worthwhile because the cert stack and the NCOER bullets compound either way, but selection is not guaranteed, and the alternate path (stay enlisted and target MSG / SGM / CSM with the IC-civilian conversion at retirement) is also valid.
- Going public with disagreement over a CO's operational call, an NSA-CSS-civilian senior's analytic line, or a J2's targeting decision.Take it in the office. Walk out aligned, or push back in writing through the right echelon. The senior cryptologic / cyber NCO who goes public with disagreement undermines the CO's authority, the team chief's authority, the senior IC-civilian advisor's authority, and the senior NCO's own institutional credibility simultaneously. In the 35Q community where the senior NCO bench is small and tight, the read propagates inside a quarter through the brigade CSM network at the 780th MI Brigade and the senior cryptologic / cyber NCO chain at INSCOM, ARCYBER, USCYBERCOM, and the IC-detail billets. The slate read at the next senior NCO board hits the gap. The fix is one private apology and a year of rebuilding; sometimes the year does not work.
- Confusing seniority with current relevance.The cryptologic and cyber fields move fast — the SSG sitting today's position is closer to the truth than the CSM who has not driven a work-role tool in five years. The senior cryptologic / cyber NCO who treats his rank as the analytic / operational authority instead of his current cert-stack and current threat-portfolio fluency is the senior NCO whose institutional credibility erodes the day he briefs the J2 of a JTF and gets caught on an out-of-date analytic frame or operational vocabulary. The fix is the deliberate continuing-education discipline — read raw traffic weekly even at SGM level where the access still permits it, consume USAICoE / Cyber Center of Excellence senior leader publications, attend AFCEA / INSA / IC industry threat-intel conferences, maintain the cert-stack continuing-education load (IAT-III continuing education, the senior tier credentials at the institutional level).
Career Decisions at This Rank
- 1SG diamond track (MI company at the 780th MI Brigade, 706th MI Battalion, INSCOM major subordinates, or USAICoE / Cyber Center of Excellence training company) vs MSG staff track (brigade S2 NCOIC at MSG, CMF team senior enlisted billet, INSCOM operations sergeant, joint-duty senior NCO at NSA-CSS / DIA / CIA / USCYBERCOM / JCS J2 / Pentagon, ARCYBER senior MI NCO at Fort Eisenhower).The 1SG diamond at an MI company is the CSM-tracked enlisted path. You run a 90-130 soldier MI company, the orderly room, the supply room, the training calendar, the SCIF footprint, the company-level readiness reporting, the polygraph re-scope tracker. The MSG staff track is brigade S2 NCOIC at MSG, CMF team senior enlisted billet, INSCOM operations sergeant, joint-duty senior NCO at the IC-detail billets, USAICoE / Cyber Center of Excellence senior cadre, USASMA preparatory faculty. Both pay; the line-CSM slate at SGM at the 780th MI Brigade prefers the 1SG-track senior NCO, but the staff track at the IC-detail level produces equally strong senior NCO candidates because the joint-duty credit and the IC-fluency credential compound at the senior NCO slate read. The decision is whether you are a leader (1SG) or a planner / analyst-deep institutional voice (MSG ops or staff senior NCO).
- USASMA / Sergeants Major Academy fellowship.The 10-month resident SGM-A program at Fort Bliss is selection-based via the SMA-selected fellowship list. The brigade CSM nominates; the SMA confirms. Without USASMA, no SGM pin-on through the regular HRC slate at the line-CSM track for the 780th MI Brigade or the senior MI battalion CSM slate. Build the packet 24-36 months out (institutional credentials, NCOER profile, joint duty if applicable, brigade-level senior cryptologic / cyber NCO tour), accept the 10-month family-separation cost, and compete for the fellowship. The senior cryptologic / cyber NCO who declines the fellowship can still pin SGM via the non-resident path, but the line-CSM slate at the 780th MI Brigade prefers SGM-A graduates and the senior cryptologic / cyber CSM bench is no exception.
- Joint duty / IC-detail assignment — JTF J2, COCOM J2, USCYBERCOM senior MI NCO, NSA-CSS / DIA / CIA senior enlisted detail, JCS J2 senior MI NCO at the Pentagon, ARCYBER senior MI NCO at Fort Eisenhower.Joint duty and IC-detail are the broadening assignments the SGM-A board and the senior NCO slate read at SGM / CSM level. The JTF J2 senior MI NCO, the COCOM J2 senior MI NCO (the COCOM J2 senior enlisted billets at EUCOM, AFRICOM, INDOPACOM, SOUTHCOM, NORTHCOM, CENTCOM, SOCOM, USTRANSCOM, STRATCOM, USCYBERCOM, SPACECOM), the USCYBERCOM senior MI NCO seat at Fort Meade, the Pentagon / NSA-CSS / DIA / CIA senior enlisted detail, the ARCYBER senior MI NCO seat at Fort Eisenhower are 2-3 year tours out of the line-brigade or 780th MI Brigade / 706th MI Battalion track. The cost is the time out of the BCT-NCO or the 780th MI Brigade senior rater pipeline; the upside is the institutional credential, the joint-duty credit on the record brief, and the post-service market value of the joint-duty / IC-detail experience. The 35Q-specific structural advantage is that the joint-duty / IC-detail tour is structurally easier to secure than for line-MI senior NCOs because the cryptologic / cyber workforce is the joint workforce; the senior cryptologic / cyber NCOs who land the strongest post-service careers usually have at least one joint-duty / IC-detail tour on the record, and often two.
- Retirement timing — 20-year mark vs 24-30 years.At 1SG / MSG with 20-24 years TIS, the retirement decision is the most consequential financial decision of the career. Under BRS, the multiplier is 2.0% per year of service (40% at 20, 50% at 25, 60% at 30). The TSP match offsetting; the continuation pay window past; the next financial inflection is retirement timing itself. Senior cryptologic / cyber NCOs who retire at 20 years enter the post-service market with strong leverage (TS/SCI with polygraph maintained, Foundry / Strategic Intel Course credentials, USASMA fellowship if completed, brigade S2 NCOIC or CMF team senior enlisted experience). Senior NCOs who stay for 24-30 retire at higher base + pension but face a smaller post-service market window. The 35Q-specific structural advantage is the IC-portability; both timing paths land at the strongest enlisted post-service inflection in the Army, but the planned timing path lands at the higher tier (GG-14 / GG-15 IC civilian conversion at NSA-CSS / DIA / CIA / USCYBERCOM, senior cleared-contractor program-manager / partner tier, consulting partner tier) and the unplanned path lands at the senior analyst tier. The financial counselor and retention NCO conversations at this rank are structural senior-NCO retirement-planning gates.
- Post-service market planning — IC contractor, direct IC civilian conversion, federal civil service, consulting / advisory.Senior 35Q NCOs with TS/SCI with polygraph, USASMA credentials, the IC-fluency credential stack (3-4 work-role qualifications across the career, IAT-III current at the senior tier, Foundry senior catalog, Strategic Intel Course at USAICoE, ICD 203 / 206 / 208 fluency demonstrated through portfolio, language proficiency where applicable, joint-duty credit), and a clean 1SG / SGM record are valuable to defense industry on day one out the gate. Companies hiring at this profile: Leidos, Booz Allen Hamilton, MITRE, CACI, ManTech, SAIC, the long tail of cleared contractors at the principal-analyst / program-manager / senior-advisor / partner tier ($200-300K base). Federal civil service (DA Intel GG-12 / GG-13 / GG-14 entry tracks at INSCOM and NGIC) is the alternate path. Direct IC civilian conversion (senior cryptologic / cyber NCOs converting to GG-14 / GG-15 IC civilian analyst / principal analyst / senior advisor billets at NSA-CSS / DIA / CIA / USCYBERCOM with USASMA credentials and joint-duty credit, with SES inflection over 5-10 years for the senior CSM cohort) is the highest-tier path and the 35Q-specific structural advantage. Consulting / advisory (the cyber-intelligence and threat-intelligence consulting markets value the senior 35Q NCO at the partner / director tier) is the boutique path. The decision is timing and target: which market, when, with what relationship-building lead time. The senior NCOs who landed the best post-service careers planned 24-36 months ahead — clearance currency, credential continuing-education, AFCEA / INSA conference networking, IC civilian conversion conversations with HR at the IC agencies.
How the Seat Varies by Unit Type
- MI Company 1SG at the 780th MI Brigade (Cyber-Aligned) at Fort MeadeThe 780th MI Brigade is the Army's cyber-aligned MI brigade — the senior cryptologic / cyber NCO bench for the cyber-intel community. The 780th MI Brigade MI company 1SG runs an Army-side MI company supporting USCYBERCOM and NSA-tasked missions; the company is 90-130 soldiers — cryptologic / cyber operators, analysts, signals soldiers, the SCIF footprint and the closed-access workforce dynamics that come with it. The OPTEMPO is contested-network operational. The senior NCO trajectory at this billet runs through the brigade CSM at the 780th MI Brigade (the apex slate for the cryptologic / cyber senior CSM community) and the INSCOM senior NCO chain. The brigade CSM at the 780th is the senior cryptologic / cyber CSM — the apex slate for the cyber-intel community on the Army side.
- MI Battalion Company 1SG at the 706th MI Battalion at the Cyber Center of Excellence at Fort EisenhowerThe 706th MI Battalion supports the cyber-intel mission set and is aligned with the Cyber Center of Excellence at Fort Eisenhower (co-located with the SLC schoolhouse for the 35-series and 17-series career fields). The 706th MI Battalion company 1SG runs an Army-side MI company inside a workforce that interfaces directly with the Cyber Center of Excellence cadre and the senior cyber-NCO bench. The OPTEMPO is operational with an institutional adjacency; the institutional credential of a 706th tour reads heavy at the SGM slot conversation and the line-CSM slate.
- MI Battalion Company 1SG at INSCOM major subordinates (902nd MI Group at Fort Meade for CI / security-investigations adjacency, NGIC at Charlottesville for technical intel adjacency, other INSCOM ops subordinates)INSCOM's operational subordinates each run distinct mission sets. The 902nd MI Group at Fort Meade runs Army CI and security investigations; NGIC at Charlottesville runs the technical intel mission; the other INSCOM ops subordinates run their respective mission sets. The 1SG at any of these runs a 90-130 soldier MI company inside the INSCOM operational structure. The senior NCO trajectory at these billets runs through the INSCOM senior NCO chain at Fort Belvoir and the joint-duty / IC-detail senior NCO pipeline. TS/SCI with polygraph is universal; the credential stack is the heavier credential than the line-BCT experience.
- MI Training Company 1SG at USAICoE / Cyber Center of Excellence (334th MI Battalion AIT cadre at NIOC Corry Station running the 35Q AIT pipeline, USAICoE OSUT/AIT companies at Fort Huachuca for the broader 35-series, Cyber Center of Excellence training companies at Fort Eisenhower for the 17-series and cyber-aligned 35-series)The USAICoE / Cyber Center of Excellence training company 1SG runs the institutional pipeline that produces every cryptologic / cyber operator in the Army. The 334th MI Battalion at NIOC Corry Station in Pensacola is the joint cryptologic schoolhouse (Army, Navy, Air Force, Marines) where 35Q AIT runs; the institutional cadre 1SG seat at this billet is rare but real. The OPTEMPO is the OSUT / AIT training cycle — back-to-back classes, brutal during cycles, predictable. The institutional credential (the X4 Drill Sergeant ASI for the OSUT companies, the institutional cadre ASI for the AIT companies) is on the record brief and reads heavy at the centralized MSG / 1SG board.
- MI Battalion CSM / 780th MI Brigade CSM (the line-CSM slate at the cryptologic / cyber community apex)The CSM diamond (with the trefoil) is the command-team senior enlisted billet. Battalion CSM at an MI battalion at the 780th MI Brigade or the 706th MI Battalion or a BEB-with-cryptologic-MICO, then brigade CSM at the 780th MI Brigade (the senior cryptologic / cyber CSM in the brigade's command team — apex slate for the cyber-intel community on the Army side), 902nd MI Group CSM at Fort Meade, INSCOM senior CSM at Fort Belvoir, USAICoE CSM at Fort Huachuca, Cyber Center of Excellence CSM at Fort Eisenhower, ARCYBER senior MI CSM. The slate is the most competitive in the senior cryptologic / cyber NCO inventory; the brigade CSM at the 780th MI Brigade is the apex slate for the senior cryptologic / cyber CSM community. The CSM tour shapes the post-service market materially — CSMs at the 780th MI Brigade and the senior MI battalions have post-service options at the GG-15 / SES / IC civilian principal analyst / senior cleared-contractor partner-tier.
What Good Looks Like at This Rank
Preview — The Next Rank
35Q E8-E9 — Frequently Asked Questions
Q01What does a E8-E9 35Q (Cryptologic Network Warfare Specialist) actually do?
Q02What's the most important thing to know as a E8-E9 35Q?
Q03What does a typical day look like for a E8-E9 35Q?
Q04What mistakes get E8-E9 35Q soldiers fired or relieved?
Q05What career decisions matter most at the E8-E9 35Q rank tier?
Q06What's next after E8-E9 for a 35Q (Cryptologic Network Warfare Specialist) in the Army?
Q07What manuals and regulations does a E8-E9 35Q need to know cold?
This playbook has no tips yet. Be the first to share what you know.