Skip to main content
HonestMOS
InvestigationsCongress made VA disability claims free to file. An entire industry charges veterans anyway — and nobody can stop them.
Back to 35T Military Intelligence (MI) Systems Maintainer/Integrator — overview, pay, training, civilian translation, reviews
35TE4

Military Intelligence (MI) Systems Maintainer/Integrator

E-4 (Specialist/Corporal) · Army

HEADS UP

Specialist 35T is where the JQR stack converts to a maintainer profile and the trajectory diverges. The garrison-SCIF 35T and the tactical-SIGINT 35T are both E-4s; the difference compounds for the rest of the career. BLC is the STEP gate for SGT. The IAT-II credential is mandatory and the IAT-III path is open — the certification money is funded under unit training and Army Credentialing Assistance, and using it (or not) is the single most consequential mid-junior-enlisted decision in this MOS.

The Honest MOS Read
You pinned E-4 Specialist (or pinned E-4 Corporal if the chain put you in a team-leader-equivalent maintenance billet before BLC). Either way: you are now the rank the BCT MICO maintenance bench or the brigade S2 systems cell actually runs on. The captain and the warrant officer set the technical lane; the SSG NCOIC runs the section; the SPC turns the wrench on the iron. The Army's tolerance for figuring-it-out dropped when you pinned SPC, and the senior maintainer's expectations moved from "can he image a workstation off the baseline" to "can he close an IAVA closure cycle on the MI enclave inside the published timeline without breaking the analytic line." The promotion math for E-5 SGT runs through the semi-centralized AR 600-8-19 system — 36 months TIS / 8 months TIG (waivable to 18/6 in some cases), DA 3355 promotion-point worksheet, max 800 points, monthly MOS-specific cutoff. BLC (Basic Leader Course) is the hard STEP gate; you must graduate BLC before you can pin SGT, no waivers. BLC slots run through the regional NCO Academy and are allocated by chain priority — get your name on the BLC roster 12 months before your TIS / TIG hits the SGT window. For 35T specifically, the cutoff moves with intel / cyber inventory and BCT readiness cycles; pull the current HRC SELCONT MILPER monthly. The points worksheet rewards the cert stack you build at E-4 — Foundry / vendor schools, IAT credentials, college credit, correspondence (DLC, structured self-development). The job content at SPC in a BCT MICO maintenance section or brigade S2 systems cell is "qualified maintainer with a defined slice." You administer a slice of the MI enclave — a DCGS-A node (query tier, ingest tier, or federation), the SCIF's domain controllers and Active Directory delegated OU, the storage array the analysts hate when it gets slow, the COMSEC sub-account at the section level under AR 380-40, the tactical comms fit on a Prophet Enhanced shelter, or the cabling and switch fabric for the BCT analytic line. You support the SIGINT analysts (35N) and signals collectors (35S) on the floor; you cross-talk with the cryptologic linguists (35P) when language-routing breaks at the platform layer; you brief the all-source analysts (35F) on system status when the COP drops. You drive DCGS-A at the integrator level — service start / stop, log scrape, query-tier vs ingest-tier troubleshooting, escalation to the vendor field-service rep with a clean repro and timeline. You run the IAVA closure cycle on systems you administer, push the STIG-compliance patches, and you are the bench when the SSG NCOIC has to leave the shop for sick call, appointments, or SLC. You will also draw the Prophet, the Trojan strategic-SIGINT family at the brigade or theater level, or the BCT's tactical SIGINT extension package for a field problem and you will sign for hundreds of thousands of dollars of MI gear under AR 710-2 (Supply Policy) and AR 735-5 (Property Accountability). The DoDM 8140 (Cyber Workforce Qualification) standards step up at E-4. IAT-II compliance is mandatory and continuous — Sec+ CE is the entry credential, maintained through CEUs or re-test on a 3-year cycle. IAT-III is the next level (CCNP-Security, CASP+, or CISSP on the DoDM 8140 list) and is in motion for the SPC tracking toward a senior-systems billet. The brigade S6 OIC and the senior maintainer audit the unit's IAT compliance roll-up quarterly; the SPC whose credential lapses is the SPC the OIC pulls from the billet that afternoon. The Army Credentialing Assistance (ACA) program funds the exam fees, vouchers, and in many cases the training courses up to the published annual cap (per the current ACA MILPER — the cap moves year over year, and the Army has tightened it during budget cycles). The vendor stack is where post-service economic value compounds — Cisco CCNA (industry-standard networking, ACA-funded), Microsoft Azure Fundamentals / AZ-104, Red Hat RHCSA (the platform credential for the Red Hat half of the MI enclave), AWS Cloud Practitioner / Solutions Architect Associate. The SPC who stacks Sec+ → Net+ → CCNA → Azure / Red Hat by the end of E-4 is the SPC walking into a $90K-$120K civilian IC contractor sysadmin or network-engineer role on ETS day. The clearance reality at SPC. TS/SCI with CI poly is by now routine — and routine is exactly when the second mistake happens. Continuous Vetting under SEAD 4 keeps running in the background; the CV alerts the section will see most often at this rank are financial (delinquencies, large unexplained deposits, foreign financial entanglements), lifestyle (foreign contacts, foreign travel, romantic relationships with foreign nationals, social-media OPSEC violations), and behavioral (off-post arrests, civilian-court matters). Self-report under AR 381-12 (TARP) and SEAD 3 inside the published reporting windows. The CI poly cycle for the seat — typically a re-poly every five years, sooner if the seat moves or an incident triggers — is the gate that catches what self-reporting did not. The senior 35Ts in the shop are the ones who built the habit of reporting first and asking questions later. The reclass / warrant officer conversations open at SPC. The 35Q (Cryptologic Cyberspace Intelligence Collector) and 17C (Cyber Operations Specialist) reclass packets become approachable for the SPC who is clear on the cyber-operator arc — TS/SCI is in place, the school pipelines at Fort Eisenhower (the renamed Fort Gordon, formerly known as Fort Gordon prior to 2023) and Fort Huachuca run several months, and the post-service market for 17C and 35Q is materially stronger than for general 35T. The warrant officer track for senior 35T-grade soldiers runs through several MOS family lanes — 255S (Information Services Technician), 255A (Network Management Technician), 255N (Network Operations Technician) on the signal-systems side; 352-series military intelligence technicians (verify the current 35T-feeding 352 MOS designators with your career manager and the latest HRC warrant officer packet guidance, as the 352-series MOS family has been restructured in recent years) for the MI-systems track. The chain's recommendation is the leading indicator on any of these conversations. Talk to the warrant in your shop honestly. The reenlistment math at first-term ETS. The Selective Retention Bonus (SRB) for 35T and the Critical Skills Retention Bonus (CSRB) for specific cyber / MI skill identifiers are published in the current HRC SRB and CSRB MILPER messages and vary year over year with the MOS retention math. RETAIN-eligible soldiers (E-4 with chain support and BLC complete or near complete) can lock in reenlistment options — duty station, MOS conversion, school slot — that are not available to non-RETAIN soldiers. The trap: signing a 6-year option for the bonus when the family situation cannot sustain six more years. Run the math with your spouse; read the current MILPER before signing; consider the indefinite-status path conversation for the cyber-MI-track soldier who plans a 20-year career.
Career Arc
  • 01E-4 SPC pin-on (typically ~24 mo TIS, automatic if not flagged; CPL by lateral if the chain puts you in a team-leader-equivalent maintenance billet).
  • 02First 90 days as a qualified maintainer with a defined slice — DCGS-A node, AD delegated OU, COMSEC sub-account, Prophet Enhanced field fit, or BCT switch fabric owned end-to-end.
  • 03JQR / OJT signoff on second work-role under STP 34-35T; first work-role qualification current.
  • 04IAT-II maintained (Sec+ CE); IAT-III voucher in motion (CCNP-Security, CASP+, or CISSP depending on platform mix and billet code).
  • 05BLC slot built and locked 12 months before SGT board eligibility — STEP gate, no waivers.
  • 06Cert stack acceleration: Net+, A+, CCNA, vendor certs (Azure / AWS / Red Hat) — funded under ACA / unit training.
  • 07First CTC rotation as a qualified maintainer — Prophet field install, tactical SIGINT extension sustainment, BCT TOC SCIF stand-up under contested conditions.
  • 0835Q / 17C reclass conversation OR warrant officer (255S / 352-series) packet candidacy conversation with the shop warrant.
  • 09Reenlistment decision at first-term ETS — SRB / CSRB / RETAIN options against the current HRC MILPER.
Common Screwups
  • ×Skipping the BLC slot acceptance because the timing was not right. STEP is a hard gate under AR 600-8-19; no BLC, no SGT pin. The SPC who declined the slot is the SPC who sits in zone for an extra year while a peer pins.
  • ×Letting an IAT-II credential (Sec+ CE) lapse during a busy field cycle. Recert via CEUs or re-test is procedural, but a lapse removes you from the IAT-II billet that afternoon — the senior maintainer pulls you from the work the team needs done.
  • ×Coasting on garrison enclave work and skipping the ACA-funded cert stack. The ticket queue compounds tenure, not skill — the cert stack is what the post-service market actually pays for and what the WO / 35Q / 17C packets look at.
  • ×Clearance behaviors at SPC: financial irresponsibility (delinquent debts visible in CV), undisclosed foreign contacts (common with dating apps and social media), drug use (recreational use in a residence is a TARP / SEAD 3 reporting matter regardless of who is using), security incident reports — clearance issues at E-4 follow the entire career and the CI poly cycle catches what self-reporting did not.
  • ×DUI / drug pop / off-post arrest — separation under AR 635-200 chapter 14, clearance revocation cascade, end of the 35Q / 17C conversion option, end of the warrant officer packet conversation, end of the senior-cert ACA funding pipeline.

A Day in the Life

  • 0500Wake. Coffee. Phone check for any overnight alerts dashboard — patch failures, server health, any IAVA notifications that dropped after hours. The on-call rotation in a BCT MICO maintenance section typically falls to the senior maintainer or the SSG NCOIC, but as an SPC you check the alerts as a habit.
  • 0530PT formation. MICO or HHC PT block; the senior maintainer or warrant sets the run pace.
  • 0545-0700Unit PT. The MI maintenance shop tends to be slightly below the BCT line-company average on PT; an SPC who runs a strong 2-mile stands out at the brigade S2 SGM's read.
  • 0700-0900Hygiene, DFAC or barracks breakfast, change into OCPs. Walk to the SCIF systems room or the MICO maintenance bay. Sergeants and senior specialists typically arrive 15 minutes before first formation to clear the inbox and check overnight tickets.
  • 0900Morning stand-up. The senior maintainer or SSG NCOIC walks the previous day's ticket close rate, the patch-cycle status, the IAVA queue, any cyber or COMSEC incidents from overnight. You brief your project status if you are leading something.
  • 0915-1130Project work. WSUS / SCCM patch cycle preparation on the MI enclave, AD cleanup in your delegated OU, GPO testing in the lab OU, STIG remediation on a workstation batch, DCGS-A node service-health check, tactical-kit inventory if you are on the deployable team. Mentor the privates on tier-1 maintenance work — you are now the maintainer the new soldiers ask.
  • 1130-1300Chow. The shop rotates lunch coverage — at this rank you eat with the other SPCs in the maintenance bench or with the SGTs depending on the day.
  • 1300-1500Afternoon work. JQR signoff drills for the next work-role; CCNA / Azure / Red Hat study packet if you have a sit coming up; counseling work if you have any of the privates rated under you yet. Project work continues; COMSEC sub-account inventory checks fall in this window.
  • 1500-1630Final huddle. SF 702 walk-around begins; SF 701 end-of-day SCIF checklist starts. Sensitive items, classified materials, COMSEC containers all accounted for before lights down on the section. Hand-receipt reconciliation, sensitive items checked in.
  • 1630Released, most days. If the brigade has an evening brief that needs senior-maintainer coverage, you stay.
  • 1700-2000Personal time. Gym, cert study (CCNA is the typical E-4 study target, CCNP-Security / CASP+ for the IAT-III track), college courses funded under TA, BLC packet prep if your slot is in motion. The cert stack at E-4 is the single highest-leverage off-duty investment.
  • 2000-2200Down time. Family time if you are married (BAH-with-dependents at E-4 typically means off-post housing). Single soldiers in the barracks split between gym, study, and social time.
  • 2200Lights out. Tomorrow starts at 0500.
  • Field rotation (JRTC / NTC / JMRC / contested-network exercise)Different rhythm entirely. The MICO maintenance section deploys with the brigade. You run tactical SIGINT install and sustainment — Prophet Enhanced shelter rack-and-stack, antenna alignment, receiver-to-processor signal flow, network bridge to JWICS / NSANet, generator-powered switches in tents. Sleep is in shifts; the DCGS-A node and the SIGINT processor cannot drop because the brigade COP is on it. The senior maintainer and the warrant watch who can sustain the iron at hour 200 of a 14-day rotation — that read sets the next year of school slots, assignments, and packet candidacy conversations.

Weekly Cadence

The week in a BCT MICO maintenance section or brigade S2 systems cell at the E-4 level shifts toward project work and away from pure ticket work. Monday is the heaviest planning day — you build out the week's work in the morning stand-up: which workstations need patching, which AD cleanup is on the calendar, which DCGS-A nodes need a service-health pass, which projects need to move. The senior maintainer and the warrant hand you the priority projects in the stand-up; the privates in the shop run the tier-1 ticket work that frees you for the senior-tech tasks. Tuesday through Thursday are typically the project-heavy days. Patch deployments fall on planned maintenance windows (often Tuesday night or Wednesday after-hours), AD cleanup and GPO testing happen during business hours in your delegated OU, STIG remediation is queued through the week, COMSEC sub-account inventory checks fall on the same weekly cadence. The senior tech in the shop is now you or one rank up — the privates come to you with the harder tickets and your ability to answer or escalate cleanly is the senior maintainer's read on whether you are NCO-ready. The warrant will pull you through a structured drill on a system you are signed off on (federation handshake on DCGS-A, key load on COMSEC, GPO push test in the lab OU) if the week's pace allows. Friday is the company-level event and release; the shop tries to clear the queue and close the IAVA tickets by Friday EOD. The week's other rhythm at E-4 is the cert and promotion-point work. Sec+ recertification (or CCNA-Security as the IAT-II maintenance path) runs on a 3-year cycle; CCNA sittings are a 6-month commitment; CCNP-Security / CASP+ / CISSP are 6-12 month commitments at this rank; college courses through TA are typically 1-2 per term. The DA 3355 worksheet is the SSG NCOIC's quarterly conversation with you — what you have, what you can still stack, what the chain is releasing for. The senior 35Ts in the shop are watching whether you are using the E-4 window to stack the senior credentials (CCNP-Security, CySA+, CASP+, AWS / Azure / Red Hat architect-level) or whether you are coasting on Sec+ and waiting for the cutoff. The soldiers who stack the senior credentials at E-4 pin SSG on time; the soldiers who coast pin SSG late or do not pin at all. CTC train-ups and rotations collapse the week's rhythm. When the brigade is in a train-up cycle, the maintenance bay runs at high-tempo for weeks — Prophet Enhanced rehearsals, BCT TOC SCIF stand-up drills, contested-network exercises, vendor field-service rep visits. Garrison rhythm rebuilds on the back side, but the read the rotation left in the senior maintainer's head does not. The contractor sitting across the SCIF has been watching too — the IC contractor market (Booz, Leidos, SAIC, CACI, MITRE, Accenture Federal, ManTech) is constantly recruiting cleared maintainers, and the SPC who handles a CTC rotation well is the SPC whose card the contractor asks for at the end of the rotation.

Key Skills — How to Drill Each

  1. 01
    Administer the SCIF's Active Directory at the delegated OU level — user, group, GPO, account hygiene — without taking a domain-admin shortcut the audit will catch.
    Work within the OU your unit S6 / G2 delegated to you and stay there — do not push changes outside your scope, even when a senior officer asks. Use security groups for permissions, distribution groups for email; never combine the two. When you nest groups, document the chain (a one-page diagram in the SOP folder) — the next 35T who inherits your OU will not understand your nesting structure if you do not write it down. Every AD change is logged on the domain controller; the security audit reads who-touched-what. The DoDM 8140 audit, the brigade CCRI inspection, and the IG cyber readiness review all sample AD logs.
  2. 02
    Run a SCCM / Tanium / WSUS patch deployment cycle on the MI enclave on a published schedule with reporting back to the senior maintainer and the brigade S6 / S2 OIC.
    The patch cycle runs on the monthly Microsoft Patch Tuesday rhythm plus emergency out-of-band patches when an IAVA drops. Build a test ring (a small set of test workstations and one test server in the lab OU) and push to the test ring 48-72 hours before the production push — the test ring catches the broken patch before it bricks the analytic line. Publish the deployment window on the section calendar; the analysts do not get to be surprised by a DCGS-A reboot during the morning brief. Pull the compliance report after the cycle and walk the gaps to closure — the IAVA scorecard rolls up to the brigade S2 OIC and the senior maintainer at the next AAR.
  3. 03
    Drive DCGS-A at the integrator level — service start / stop, log scrape, query-tier vs ingest-tier troubleshooting, escalation to the vendor field-service rep with a clean repro and timeline.
    DCGS-A is the platform; the skill at SPC is being the maintainer who can answer where in the stack the problem lives, not just that it is broken. Take the Foundry DCGS-A intermediate or operator-advanced courses in your first 12 months as SPC. Build a personal runbook for the services your section owns — restart order, log paths, the queries you run to confirm the service is back. When the analyst pages at 0200, your first move is to confirm the service state and check the log timestamps; the second move is to scrape the relevant logs into a clean repro for the vendor escalation; the third move is to call the senior maintainer if you are above your work-role. Vendor field-service reps will pull you off the call quickly if the timeline and the repro are clean; they will keep you on the call for hours if the call is who-knows-what-broke.
  4. 04
    Stand up the tactical MI fit on a Prophet Enhanced platform, the Trojan family at the brigade or theater level, or a BCT SIGINT extension — antenna, receiver, processor, network bridge to JWICS / NSANet — to the unit's Mission Essential Task List standard.
    The site survey is the most important hour you spend at the field site. Walk the ground with the section, identify the antenna line-of-sight and the SATCOM uplink geometry, place the processing equipment in a shelter with reliable power, plan cable runs that will not be cut by HMMWV or M-ATV traffic. Print the IP plan and the antenna-to-receiver-to-processor signal flow on weather-resistant paper; laminate if you can. The Prophet Enhanced shelter is the brigade's SIGINT brick — when you take leave or get pulled to brigade, the soldier who relieves you can read the diagram and sustain the system without paging you on the J-3 net. The senior maintainer and the warrant watch how clean your install is in the first 24 hours of the rotation; that read sets the rest of the year.
  5. 05
    Drive cross-domain hygiene — NIPR, SIPR, JWICS, NSANet — without spillage. One spillage rolls up to Army CI and the SSO closes terminals for a week.
    Cross-domain handling is the operational discipline that separates the SPC who can be trusted with a multi-enclave product from the SPC who works on one enclave only. The rules: data flows from low to high (NIPR → SIPR → JWICS → NSANet) through the approved cross-domain solution your enclave uses; data does not flow high to low without sanitization, tear-line, and a release authority signature. Build a habit of pausing before every paste between enclaves — read what is on the clipboard, read the destination enclave's classification banner, ask if the marking transfers. The SSO and the senior maintainer both inspect on this. The CI report on a spillage incident is automatic and the SSO walks you out of the SCIF that afternoon while the damage assessment runs.
  6. 06
    Run COMSEC at the user / sub-account level under AR 380-40 — EKMS / KMI key load, the LCMS / DTD workflow, the destruction line, the semi-annual inventory inspection-ready.
    COMSEC at SPC is no longer second-position on key loads — you are signing the log, witnessing the junior soldier's actions, and running the destruction line on your section's rotation. AR 380-40 violations are the line nobody in this MOS gets to cross twice. The semi-annual COMSEC inventory inspection is the event the senior NCO loses sleep over; build the daily log discipline now so that the inspection finds nothing. Page-count, signature, witness signature, log entry, container locked, SF 702 stamped — the same five steps every time. The SSO and the unit COMSEC custodian inspect on every log entry; the SPC who treats every daily entry like it is going to be audited is the SPC who never has to explain a finding.

Manuals & References — What Chapters Matter

  • AR 25-2 — Army Cybersecurity (own it, do not just refer to it)
    At SPC you are the soldier executing the controls AR 25-2 specifies — account management, incident reporting timelines, system authorization, training compliance. Print the table of contents and tab the chapters you use most. When the senior maintainer asks you to defend a procedure, the answer cites the paragraph in AR 25-2. The CCRI auditor will quote chapter and section; the answer is the one in the reg, not the one you improvise.
  • AR 380-5 — Information Security; AR 380-40 — COMSEC; AR 380-67 — Personnel Security Program
    AR 380-5 governs your daily classified-handling life; the storage and accountability chapter is what the SSO inspects on every quarterly walk. AR 380-40 is your COMSEC operating manual — the semi-annual inventory inspection is run from this reg. AR 380-67 governs your continued eligibility to remain in the SCIF — the periodic reinvestigation and CI poly cycle live here. Read AR 380-40 cover-to-cover by your second year; reread the inventory and destruction chapters quarterly.
  • AR 381-10 — US Army Intelligence Activities; AR 381-12 — Threat Awareness and Reporting Program; DoDD 5240.01 — DoD Intelligence Activities; EO 12333
    AR 381-10 governs Army intelligence activities and the Procedures 1-15 oversight rules that the Army Intelligence Enterprise operates under — read enough to understand the boundary your systems support. AR 381-12 (TARP) is the self-reporting reg — what to report, when, to whom. DoDD 5240.01 is the DoD-level governing directive; EO 12333 is the executive-order baseline. The CI office, the SSO, and the IG inspect on all of these.
  • ICD 503 — IC IT Systems Security Risk Management; ICD 705 — SCIF Accreditation Standards; DoDM 5105.21 — SCI Administrative Security Manual
    ICD 503 is the IC-wide IT compliance standard — the CCRI / CORA grading framework maps to it. ICD 705 is the physical-security standard for the SCIF — construction, access control, alarm systems, TEMPEST considerations. DoDM 5105.21 is the day-to-day SCI administrative-security plumbing. The SSO and the cognizant authority re-accredit the SCIF on a published cycle; the SPC who knows where the diagrams live is the SPC the SSO calls when the inspector walks in.
  • DoDM 8140 — Cyberspace Workforce Qualification (replacing DoD 8570.01-M)
    The workforce-qualification chart that gates which IAT-coded billet you are allowed to sit. IAT-II for the maintainer work you do; IAT-III for the senior integrator roles in motion. Know which IAT level your billet maps to and which credentials satisfy each level. The DoDM 8140 audit at brigade level is the audit that pulls a non-compliant SPC off the position the day the cert lapses.
  • DISA STIGs (Windows, Server, Active Directory, Cisco IOS, Red Hat, Office 365) and NIST SP 800-53 / 800-171
    DISA STIGs are the hardening checklists the CCRI auditor reads against your systems — pull the current checklist from public.cyber.mil for every platform you administer and run STIG Viewer against your machines quarterly. NIST SP 800-53 is the parent control set under every Army cyber reg; NIST 800-171 covers CUI in nonfederal systems and intersects with the contractor side of the enterprise. Familiarity with the control numbering is what differentiates a competent SPC from a senior-tech-ready SPC.

Standards — How to Hit Each

  • JQR / OJT signoff current on first work-role; second work-role under JQR per STP 34-35T.
    The JQR pipeline at SPC is the senior maintainer's gate to the IAT-II billet work the team needs done. Carry the signoff book; ask for the next opportunity when the senior maintainer is running the task. Be honest about what you do not yet know — the senior maintainer would rather sign you when you are actually ready than re-sign you when you broke something you should not have touched. The first work-role qualification opens the door to the priority work; the second work-role opens the door to the watch-NCO rotation when the SSG is at SLC.
  • IAT-II baseline maintained (Sec+ CE typical); IAT-III in motion if the billet requires it (CCNP-Security, CASP+, or CISSP on the DoDM 8140 list).
    Sec+ is a 3-year credential — maintain via Continuing Education Units (CEUs earned through other certs, training, or activity) or re-sit the exam before expiration. Track the expiration date in ATCTS; the brigade S6 / S2 reports IAT compliance roll-ups quarterly. IAT-III is the senior IT cert floor and the credential the warrant and the SSG NCOIC will start asking you about at SPC — CCNP-Security and CASP+ are 3-6 months of study each; CISSP requires endorsed experience and is a multi-month commitment. ACA funds the exam fees through ArmyIgnitED.
  • BLC graduate; promotion points stacked through vendor certs (Network+, CCNA, AZ-104 / RHCSA depending on platform mix), Foundry seats, college credit, and correspondence.
    BLC slot requests run through ATRRS via your S-1 / S-3 — submit the request as soon as the chain recommends you (typically 6-12 months before promotion zone). 22 academic days at the regional NCO Academy. Promotion points stack across categories on the DA 3355 worksheet: college credit (110 pt ceiling for 60+ semester hours), awards, MOS competency (weapons quals, cert credit), correspondence (DLC, structured self-development). The SSG NCOIC's quarterly conversation is the worksheet review — what you have, what you can still stack, what the chain is releasing for.
  • ACFT 540+ floor — the brigade S2 SGM reads the slide and the MI enclave does not get to skip the test.
    ACFT 540 is above the BCT-S2-shop average and is the SPC floor that keeps you out of trouble at the SGT board. Build it with lift days (deadlift, hex-bar carry, push-up volume), interval runs (the 2-mile is the score-killer — pull it under 16:30), and grip/core work. The MICO 1SG and the brigade S2 SGM both notice the maintainer who out-PTs the line-platoon SPCs of the same rank. The intel / cyber community has worked hard to shed the soft-soldier stereotype; do not put it back on your section.
  • Zero CAT-1 STIG findings on systems you personally administer during the next CCRI / CORA / cyber inspection.
    Run STIG Viewer against your systems monthly, not just before the inspection. CAT-1 findings are the high-severity items that auditors lead with; CAT-2 and CAT-3 are softer but still feed the score. The closure-plan-with-milestone is acceptable for findings you cannot remediate immediately (some require approved waivers or POAMs through the brigade ISSM); the unaddressed CAT-1 is what gets the brigade S2 OIC called into the BCT CO's office. Your name on the asset tag is what gets named.

Technical Mistakes — Concrete Consequences

  • Using a shared admin account on a domain controller, a DCGS-A server, or a Cisco appliance.
    Every action on the system is logged with a username and timestamp. A shared admin account means nobody can be attributed to a specific change, which is a non-repudiation violation under AR 25-2 and a CAT-1 finding under most CCRI checklists. The cleanup is full provisioning of named admin accounts, a security incident report, and a brigade S2 / S6 OIC counseling that lives in your file. Ownership-by-shared-account ends careers at warrant officer or SFC selection.
  • Patching outside an approved maintenance window.
    You bricked the brigade's analytic line in the middle of a live BUB. The BCT CO is briefing the division CG on the JWICS COP; the SIPR enclave you just patched takes 45 minutes to recover; the analytic line has nothing to push. By 1500 your name is in the senior maintainer's line and the warrant is on the phone with the vendor before you finish the rollback. The published change-management process becomes the next month's mandatory training, with your shortcut as the example in the deck.
  • Letting an IAT-II or IAT-III credential lapse without the recert cycle in motion.
    DoDM 8140 audit at brigade pulls you off the IAT-coded position the day the cert expires. The team is short a maintainer until you re-test; the work you were doing falls on the senior maintainer; the section's IAVA closure rate takes a hit; the SSG NCOIC has the conversation with you about the gap. ACA may not fund a re-test inside the same fiscal year if you let it lapse — the bill becomes yours.
  • Telling a senior analyst or staff officer I cannot do that without offering the workaround or the escalation.
    Senior analysts and senior officers do not need to hear cannot. They need to hear the request requires X approval and I have already opened the ticket; here is the workaround until then. The officer who hears cannot walks to the SSG and the SSG walks to you with a counseling about customer service. The next echelon up reads the ticket, and the read on you flips from useful maintainer to wall to be routed around.
  • Bypassing the change-management board because it is just a quick fix in the SCIF.
    The S6 / S2 audit catches the unauthorized change in the next configuration baseline review. If the audit misses it, the next CCRI inspector finds it. The quick fix becomes a CAT-1 finding in the brigade's cyber posture, the warrant asks you why you bypassed the published process, and the next 18 months of change-management training in the unit is the lesson learned from your shortcut. The SSO writes the finding; the SSG writes a counseling; your record carries the audit hit.

Career Decisions at This Rank

  • CCNA vs CCNP-Security vs CASP+ vs CISSP as the second-tier cert.
    CCNA is the depth networking credential — the most respected of the four by the warrant officer community and the senior signal NCO bench, and the gateway to CCNP-Security at IAT-III. CCNP-Security is the senior networking-security cert — DoDM 8140 IAT-III compliant and the credential the brigade S6 / S2 OIC quotes for the senior-systems-NCO billet. CASP+ is the CompTIA senior cert — IAT-III compliant, broader than CCNP-Security on the compliance side, and good for the soldier who is generalist-track rather than networking-deep. CISSP is the executive-track credential — endorsed experience required, multi-month commitment, but the strongest civilian-market signal for the cleared senior-IT job market. Default: CCNA at SPC if you are tracking toward warrant officer (255S / 255A / 255N) or senior tactical-network NCO work; CASP+ at SPC if you are tracking toward 35Q / 17C reclass or generalist-track senior systems; CCNP-Security at SGT once CCNA is on the wall; CISSP at SSG or later. Stacking two at SPC is realistic with ACA funding.
  • 35Q (Cryptologic Cyberspace Intelligence Collector) or 17C (Cyber Operations Specialist) reclass at SPC vs SGT.
    Both reclass paths are approachable at SPC for the 35T with strong technical fundamentals and a clean clearance profile. 35Q is the cryptologic-cyber collector arc — the school pipeline at Fort Eisenhower (the renamed Fort Gordon, 2023) runs several months, post-school assignments are NSA / CSS-co-located cryptologic units and ARCYBER formations. 17C is the cyber-warfare operator arc — the school pipeline at Fort Eisenhower runs 6+ months, post-school assignments are Cyber Mission Force teams, the 780th MI Brigade, ARCYBER operational units, joint cyber commands. Reclassing at SPC puts you into the school pipeline as a junior soldier and gives you the longest post-school operator career arc; reclassing at SGT means you go through the school as an NCO with leadership credentials on top of the technical training. The chain's recommendation is the leading indicator; talk to the senior maintainer, the warrant, and any senior 35Q / 17C NCOs in your unit. The wash rates are real; the soldiers who succeed are the ones with strong networking fundamentals and self-discipline. The honest test: are you interested in the operator side, or are you chasing the cooler MOS name?
  • Warrant officer (255S Information Services / 255A Network Management / 255N Network Operations / 352-series MI Technician) packet conversation.
    The warrant officer path for a senior 35T runs through several MOS family lanes on the signal-systems side (255 family) and the MI-systems side (352-series, restructured in recent years — verify the current 35T-feeding 352 designators with your career manager and the latest HRC warrant officer packet guidance). The packet (DA 61, command recommendation, ASB, board file, technical-skill documentation) is approachable at SPC with strong chain support, but most warrant officer accessions in this family pin at senior SGT or SSG. The school pipeline runs WOCS at Fort Novosel followed by the MOS-specific WOBC at Fort Eisenhower or Fort Huachuca, several months total. The post-school role is the brigade S6 / S2 / MICO technical bench officer — the technical SME on the staff. The honest test: are you the soldier who keeps asking why the architecture is built the way it is built? If yes, the warrant path is where you belong. The 255S / 352-series WO is the most respected technical position in the MI / signal-systems community at the brigade and theater level. Talk to the warrant in your shop early; the SPCs who track requirements at E-4 are the soldiers who submit clean packets at SGT or SSG.
  • BLC slot timing — early vs late in the E-4 zone.
    BLC is the STEP gate for E-5 — no SGT pin-on without it. Slot availability tightens as the year-group moves into the promotion zone; soldiers who request the slot early (12-18 months before zone) typically get a more flexible schedule. The trade-off is missing the slot you wanted because the chain wanted you on a project, a CTC rotation, or a contested-network exercise. Talk to the SSG NCOIC about the chain's preferred timing; the answer is usually 12 months before you go board-eligible. 22 academic days at the regional NCO Academy. Phone it in at BLC and the brigade S2 SGM will hear about it from the NCO Academy CSM; show up at standard PT, with a clean uniform, with the squad-leader-time habits already built, and the Commandant's List bullet is a promotion-points line.
  • First-term reenlistment — SRB / CSRB / RETAIN / option year / indefinite-status conversation.
    The SRB (Selective Retention Bonus) for 35T and the CSRB (Critical Skills Retention Bonus) for specific cyber / MI skill identifiers are published in the current HRC SRB and CSRB MILPER messages and vary year over year with the MOS retention math. RETAIN-eligible soldiers (E-4 with chain support and BLC complete or near complete) can lock in reenlistment options — duty station, MOS conversion (35Q / 17C), school slot — that are not available to non-RETAIN soldiers. The trap: signing a 6-year option for the bonus when the family situation cannot sustain six more years. Run the math with your spouse; read the current MILPER before signing; consider the indefinite-status path conversation (per AR 601-280, available at SSG) for the cyber-MI-track soldier who plans a 20-year career. The cleared-contractor market post-service is the comparison set — a $90K-$120K civilian sysadmin job vs the active-duty re-up package with bonus and benefits. Run both numbers.

How the Seat Varies by Unit Type

  • BCT MICO maintenance section / brigade S2 systems cell (IBCT, SBCT, ABCT)
    The most common SPC assignment. The MICO maintenance bench and the brigade S2 systems cell run the brigade's MI enclave in garrison and the tactical MI fit in the field. At SPC you are the maintainer the privates come to and the project lead the SSG NCOIC hands the patch cycle, the AD cleanup, the DCGS-A query-tier work, and the Prophet Enhanced field install to. The work is broad: SCIF enclave, tactical SIGINT, JBC-P (when the BCT runs a joint mounted picture), VTC, project work. The deployable element is where the visible career capital lives. The senior maintainer, the warrant, and the brigade S2 OIC are the leaders watching your read.
  • Divisional MI battalion / MEB MI element
    A deeper bench than the BCT. The divisional MI battalion supports the division G2 across the brigades and runs the divisional Trojan / DCGS-A footprint; the MEB MI element covers a different operational slice. SPCs in a divisional MI battalion see more variety in the iron and more competition for the priority work. The senior maintainer bench is deeper, the warrant has more soldiers to choose from, and the JQR signoff opportunities are broader.
  • Theater MI Brigade (470th JBSA / SOUTHCOM, 500th Schofield / INDOPACOM, 501st Korea, 66th Wiesbaden / EUCOM, 513th Fort Eisenhower / CENTCOM, 207th Africa)
    The operational-strategic seat for an SPC. You work theater-level MI systems for a CCMD J2 — Trojan strategic-SIGINT family, theater DCGS-A integration, federated query infrastructure to national agencies, COCOM-level cross-domain solutions. The OPTEMPO is different from a BCT (less tactical, more sustained operational), the family quality-of-life is materially better than a BCT in many cases, and the post-service career arc weights theater experience for the technician and senior-NCO tracks. Less common as a first-tour SPC assignment but possible with the right cert stack or skill identifier.
  • 780th MI Brigade at Fort Eisenhower (the renamed Fort Gordon, 2023) / Cyber Protection Brigade
    The cyber-MI elite track. SPCs in a 780th MI Brigade slot are on the development bench for the cyber community — the senior NCOs there are mentoring toward 17C reclass, 35Q reclass, or warrant officer (170A cyber warrant) track. TS/SCI with CI poly required; mission work is offensive and defensive cyber operations. Different career math than the BCT MICO path; the post-service market for cyber operators is materially stronger than for general 35T. Selection into a 780th slot at SPC is competitive; the chain's recommendation and the cert stack are both leading indicators.
  • 706th MI Group at Fort Meade (NSA / CSS-adjacent) / INSCOM HQ at Fort Belvoir / national detail (NSA, DIA, CIA, FBI)
    The national-strategic seat. The 706th MI Group operates alongside NSA / CSS infrastructure at Fort Meade and supports the cryptologic enterprise; INSCOM HQ runs the above-brigade Army MI architecture. National details at NSA, DIA, CIA, or FBI put an Army SPC on an IC-wide systems problem alongside civilian engineers and contractors. The work is closed-access in ways a BCT shop is not — you may have an access list of three people who can know what you actually work on. Career-defining for the 35T on a national-IC track; the post-service market into NSA / DIA / CIA / FBI civilian roles and into the IC contractor market (Booz, Leidos, SAIC, CACI, MITRE, Accenture Federal, ManTech) is materially stronger than for the BCT-track maintainer. Less common as a first-tour SPC assignment; typically requires skill identifier, language, or HRC-directed slot.

What Good Looks Like at This Rank

The good Specialist 35T is the maintainer the SSG NCOIC puts on the brigade CG's SCIF VTC problem and the rotation's Prophet Enhanced field install in the same week, because both come back working and the SGM does not have to ask twice. He has CCNA on the wall already — passed at month 18 of his enlistment, paid for through ACA, studied through three months of evening packet-tracer labs. He has a 35Q reclass packet in his folder if he wants the cryptologic-cyber arc, with the warrant's recommendation already signed; he has a 255S / 352-series WO packet conversation in motion if he wants the technician arc. The contractor sitting across the SCIF has already asked when his ETS window opens. In the shop he runs the WSUS / SCCM patch cycle on the published schedule and the compliance report he sends up to the brigade S2 OIC reads like a junior NCO wrote it. He owns a delegated OU in Active Directory and the senior maintainer does not have to second-guess his group structure. He has written two PowerShell or Bash scripts that are now in the shop's standard procedure — a daily AD locked-accounts report, a STIG compliance check that walks the workstations in his OU — and the warrant quotes them at the weekly stand-up. He runs his COMSEC sub-account so cleanly that the semi-annual inventory inspection clears without a finding. In the field he runs the Prophet Enhanced shelter install in six hours instead of twelve because he rehearsed the rack-and-stack in garrison. The DCGS-A node at the BCT TOC does not drop because he validated the runbook before the rotation started. The brigade BUB happens on time on day three because his cabling stayed up overnight on generator power and the SSG sleeping in the back of the shelter did not have to be woken up. The senior maintainer's read on him at hour 200 of the rotation is what sets the next year of school slots — BLC submission, the warrant officer packet conversation, the 35Q reclass timing, the brigade-level project the warrant trusts him with next quarter. The chain is already positioning him for the next step. The BLC slot is in motion; the warrant has him on the short list for the next contested-network exercise; the 35Q / 17C / WO conversations are happening every quarter as real possibilities, not hypotheticals. His NCOER input from the SSG NCOIC reads in specific deliverables — closed 14 critical IAVAs inside the published window with 100% compliance, led 240-workstation Windows 11 migration with zero unscheduled outages on the analytic line, sustained Prophet Enhanced uplink through 14-day JRTC rotation with 99.6% uptime — not the generic filler that gets generic NCOER blocks. When the centralized E-5 cutoff drops next month, he is sitting above the line on points and the chain is releasing him without hesitation.

Preview — The Next Rank

Sergeant 35T (E-5) is the integration rank — military leadership now stacks on top of the maintainer credential stack, and the junior 35Ts you supervise are doing the line work you were doing at E-4. As a 35T SGT in a BCT MICO maintenance section or brigade S2 systems cell, you are typically the team leader for a 3-5 soldier element handling a specific section of the brigade's MI footprint — DCGS-A administration, the Prophet Enhanced field-fit team, the SCIF networking and storage line, the COMSEC sub-account, tactical comms vehicle support. You own shift uptime, IAVA compliance, STIG hardening, COMSEC custodianship at section level, and the NCOER input on your 3-5 soldiers. The first operational deployment cycle as SGT — tactical MI vehicle / shelter system support or NSA / COCOM rotation — is the formative read the senior maintainer and the warrant will use to slate you for the SSG bench. The promotion math for E-6 SSG runs through the same AR 600-8-19 framework — 48 months TIS / 10 months TIG (waivable), DA 3355 worksheet at max 800 points, monthly HRC cutoff (pull the current 35T cutoff MILPER monthly), chain release. ALC (Advanced Leader Course) is the STEP gate — 35T ALC at the Signal NCO Academy or USAICoE NCO Academy depending on the cohort, several weeks academic. Without ALC complete, no SSG pin-on regardless of points. The cert stack maturation at E-5 is where senior IT and IA credentials become realistic. CCNP-Security (the IAT-III networking-security cert), CASP+ (the CompTIA senior cert), CISSP (the executive-track credential — endorsed experience required), the SANS / GIAC family (GSEC, GCIH, GCIA — industry-recognized cyber/SOC analyst credentials, expensive but ACA-funded for select roles), AWS / Azure / Red Hat architect-level. The senior cert stack at E-5 / E-6 plus a TS/SCI with CI poly is a $100K-$160K+ civilian cyber-IT job in the DC / NoVA / Fort Meade / Colorado Springs market on day one out the gate. The 35Q / 17C reclass conversation is still open; the warrant officer (255S / 255A / 255N / 352-series MI technician) packet conversation gets serious. Plan the ALC slot 6-12 months after pinning SGT — ALC is the STEP gate for SSG (E-6) and slot availability tightens as the year-group moves into the zone.
FAQ

35T E4 — Frequently Asked Questions

Q01What does a E4 35T (Military Intelligence (MI) Systems Maintainer/Integrator) actually do?
You are signed off on at least one work-role under the joint MI / cyber workforce framework, and you are reading toward the next one.
Q02What's the most important thing to know as a E4 35T?
Specialist 35T is where the JQR stack converts to a maintainer profile and the trajectory diverges.
Q03What does a typical day look like for a E4 35T?
Time-blocked day at the E4 35T rank tier: 0500 Wake. Coffee. Phone check for any overnight alerts dashboard — patch failures, server health, any IAVA notifications that dropped after hours. The on-call rotation in a BCT MICO maintenance section typically falls to the senior maintainer or the SSG NCOIC, but as an SPC you check the alerts as a habit, 0530 PT formation. MICO or HHC PT block; the senior maintainer or warrant sets the run pace, 0545-0700 Unit PT. The MI maintenance shop tends to be slightly below the BCT line-company average on PT;…
Q04What mistakes get E4 35T soldiers fired or relieved?
Skipping the BLC slot acceptance because the timing was not right. STEP is a hard gate under AR 600-8-19; no BLC, no SGT pin. The SPC who declined the slot is the SPC who sits in zone for an extra year while a peer pins; Letting an IAT-II credential (Sec+ CE) lapse during a busy field cycle. Recert via CEUs or re-test is procedural, but a lapse removes you from the IAT-II billet that afternoon — the senior maintainer pulls you from the work the team needs done;…
Q05What career decisions matter most at the E4 35T rank tier?
CCNA vs CCNP-Security vs CASP+ vs CISSP as the second-tier cert — CCNA is the depth networking credential — the most respected of the four by the warrant officer community and the senior signal NCO bench, and the gateway to CCNP-Security at IAT-III. CCNP-Security is the senior networking-security cert — DoDM 8140 IAT-III compliant and the credential the brigade S6 / S2 OIC quotes for the senior-systems-NCO billet. CASP+ is the CompTIA senior cert — IAT-III compliant, broader than CCNP-Security on the compliance side,…
Q06What's next after E4 for a 35T (Military Intelligence (MI) Systems Maintainer/Integrator) in the Army?
Sergeant 35T (E-5) is the integration rank — military leadership now stacks on top of the maintainer credential stack, and the junior 35Ts you supervise are doing the line work you were doing at E-4.
Q07What manuals and regulations does a E4 35T need to know cold?
AR 25-2 — Army Cybersecurity (own it, do not just refer to it).; AR 380-5 — Information Security; AR 380-40 — COMSEC; AR 380-67 — Personnel Security Program.; AR 381-10 — US Army Intelligence Activities; AR 381-12 — TARP; DoDD 5240.01 — DoD Intelligence Activities; EO 12333.

This playbook has no tips yet. Be the first to share what you know.

Published by the Honest MOS Editorial DeskVerified against DoD/.gov sourcesUpdated May 2026Editorial standards