Skip to main content
HonestMOS
InvestigationsCongress made VA disability claims free to file. An entire industry charges veterans anyway — and nobody can stop them.
Back to 35T Military Intelligence (MI) Systems Maintainer/Integrator — overview, pay, training, civilian translation, reviews
35TE5

Military Intelligence (MI) Systems Maintainer/Integrator

E-5 (Sergeant) · Army

HEADS UP

Sergeant 35T is the rank where you stop being the maintainer who turns the wrench and start being the NCO who signs for the iron the section runs. You own a 3-5 soldier shift, the IAVA compliance against the published timeline, the STIG hardening on the systems your team administers, and the COMSEC custodianship at the section level under AR 380-40. ALC is the STEP gate for E-6. The first 90 days as SGT 35T is the steepest leadership curve in the MI-systems community — the SCIF will not pause for you to catch up. The warrant officer (255S / 352-series) packet candidacy conversation gets serious at SGT; build the ALC slot and the packet on the same calendar.

The Honest MOS Read
Sergeant 35T is the integration rank — military leadership now stacks on top of the maintainer credential stack, and the junior 35Ts you supervise are doing the line work you were doing at E-4. As a 35T SGT in a BCT MICO maintenance section or brigade S2 systems cell, you are typically the team leader for a 3-5 soldier element handling a specific section of the brigade's MI footprint — DCGS-A administration, the Prophet Enhanced field-fit team, the SCIF networking and storage line, the COMSEC sub-account, tactical comms vehicle support, BCT TOC SCIF infrastructure. In an enterprise NETCOM-equivalent role at a divisional MI battalion or a theater MI brigade you lead a team in a fixed-installation enclave — Trojan strategic-SIGINT family maintenance, divisional Active Directory enclave, theater cross-domain solution administration. In a 780th MI Brigade slot at Fort Eisenhower (renamed from Fort Gordon in 2023) or a 706th MI Group seat at Fort Meade, you are a junior NCO on a cyber-MI mission force team or NSA / CSS-adjacent infrastructure team with a more specialized skill profile. The first three months as an E-5 35T are the steepest leadership learning curve in the MI-systems community. You went from being responsible for your specific work-role on the iron to being responsible for a 3-5 soldier maintainer section that has its own marriages, debts, custody issues, Continuous Vetting flags, security-clearance reinvestigations, and Article 15 risk on top of the system uptime the BCT runs on. Your team leader job description per ATP 6-22.1 and ADP 6-22 is mission first, soldiers always; in practice it is mission first, soldier-counseling-session at 2200 always, sleep when the watch hands off. The promotion math for E-6 Staff Sergeant runs through the same semi-centralized point system as E-5 under AR 600-8-19 — 48 months TIS / 10 months TIG (waivable), DA 3355 promotion-point worksheet, max 800 points, monthly MOS-specific cutoff. The differentiator from E-4-to-E-5 is that the chain of command's recommendation carries materially more weight at this gate, and the Army's E-6 inventory math is structurally tighter than the E-5 inventory math because the SSG slate funds the section NCOIC and platoon-staff billets at the MICO, the brigade S2 systems cell, and the divisional / theater MI battalions. The Advanced Leader Course (ALC) is the next STEP gate for E-6 under the same AR 600-8-19 framework — 35T ALC runs at the Signal NCO Academy or USAICoE NCO Academy depending on the cohort and the current course assignment, several weeks academic. Without ALC complete, no SSG pin-on regardless of points or cutoff. For 35T specifically, the ALC slot windows depend on the regional NCO Academy schedule and the brigade's NCO development priorities — pull the slot 12-18 months out to lock in the school date for E-6 promotion timing; pull the current HRC SELCONT 35T MILPER monthly for the points cutoff. Your job content at SGT is "section NCOIC" or "shift NCOIC" on the maintainer side. You own a 3-5 soldier section — a shift on a DCGS-A administration team, a Prophet Enhanced maintenance bay team, a SCIF networking and storage line, a COMSEC sub-account, a tactical MI vehicle support cell. You counsel your soldiers monthly per AR 623-3 (DA Form 4856 — the legally defensible counseling that documents both the technical work and the development plan, with monthly minimum and event-driven entries on top). You write the section's input to the daily system-status SITREP, the weekly maintenance report, and the brigade's cyber-readiness push when one is required. You sit at the maintenance huddle with the senior maintainer, the warrant, and the SSG NCOIC. You defend the section's residual-risk lines under brigade S2 / S6 OIC questioning. You sign for the iron your soldiers maintain; you sign for the COMSEC at the section level under AR 380-40; you sign for the section's classified destruction line; you sign for the IAT credentials your soldiers are required to hold under DoDM 8140; you sign for the STIG compliance posture on the systems you administer. You also still turn the wrench. The SGT 35T who stops touching the iron is the SGT who signs off a STIG gap or an IAVA finding he does not actually understand — because the SPC under him saw something he did not. The good SGT 35T maintains a maintainer's hand on the systems alongside the NCOIC's hand on the section. The bad SGT 35T becomes an administrator with an NCO patch and stops being trusted with the technical line. The senior maintainer voice in the SCIF does not retire when you pin SGT; it gets sharper. The school slots become career-defining at SGT. ALC (Advanced Leader Course) is the STEP gate for SSG. The 35T-specific ALC focuses on team-leader-NCO competencies for the maintainer / integrator MOS — network architecture, IAVA / STIG cycle leadership, COMSEC custodianship at section level, IR / change-management board operations, NCOER writing and counseling cadence. The Foundry advanced catalog (DCGS-A advanced operator, intelligence systems integration, MI cross-domain solutions, cyber-defense advanced track) is the credential layer beyond MOS-school. The Cyber Center of Excellence at Fort Eisenhower offers senior-NCO offerings — the senior signal NCO and MI-systems NCO conversations both pass through Fort Eisenhower at some point in a career. CompTIA Security+ is the foundation; CCNP-Security, CASP+, and CISSP are the IAT-III credentials the warrant and the SSG NCOIC will start asking about; the SANS / GIAC family (GSEC, GCIH, GCIA, GCFA) is the industry-recognized cyber-analyst stack for soldiers tracking toward 35Q / 17C or post-service cleared cyber-operator roles. The warrant officer (255S / 255A / 255N / 352-series) packet candidacy conversation gets serious at SGT. The senior 35T warrant officer track runs through 255S (Information Services Technician) and 255A (Network Management Technician) on the signal-systems side, and the 352-series MI technicians on the MI-systems side (verify the current 35T-feeding 352 MOS designators with your career manager and the latest HRC warrant officer packet guidance; the 352-series MOS family has been restructured in recent years). The packet (DA 61, command recommendation, ASB, board file, technical-skill documentation, NCOER bullets, prior school records, cert stack) is approachable at senior SGT or junior SSG with strong chain support. Selection rates vary by cycle and by MOS family but have historically run in the 30-50% range for fully-qualified packets in the 255 family; pull the current HRC WO selection statistics before assuming. The post-school role is the brigade S6 / S2 / MICO technical bench officer — the technical SME on the staff. The honest test: are you the soldier who keeps asking why the architecture is built the way it is built? If yes, the warrant path is where you belong. The 35Z conversion conversation at SFC is on the horizon but not yet on the calendar. 35Z is the senior 35-series career management field designator — the senior-NCO bench across the MI specialties. At E-5 you are tracking the entry conditions and the prerequisite NCOERs / PME / time-in-MOS that the conversion typically requires; the actual conversion happens later. Verify the current HRC eligibility windows and the prerequisite PME / experience matrix before committing — the conversion-path rules have moved over the years and the most recent MILPER guidance is the source of truth, not what an older NCO told you.
Career Arc
  • 01E-5 SGT pin-on (post-BLC, post-cutoff, post-chain release).
  • 02Team leader / shift NCOIC assignment — 3-5 junior 35Ts at a BCT MICO maintenance section, divisional MI battalion enclave, theater MI brigade systems cell, 780th MI BDE slot, or 706th MI Group seat.
  • 03JQR / OJT third work-role signoff under STP 34-35T; mentor 2 SPCs through their first work-role qualification.
  • 04Cert stack maturation: CCNP-Security, CASP+, CISSP, GIAC family, AWS / Azure / Red Hat architect-level (ACA-funded where eligible).
  • 05TS/SCI with CI poly maintained through the full re-poly cycle; SCI compartments expanded as billet requires.
  • 06Warrant officer (255S / 352-series) packet candidacy conversation with the shop warrant and senior maintainer; packet submission typically as senior SGT or junior SSG.
  • 0735Q / 17C reclass conversation if applicable — windowed against the current HRC reclass MILPER.
  • 08ALC slot — Signal NCO Academy or USAICoE NCO Academy, several weeks academic. STEP gate for E-6.
  • 09First operational deployment cycle as SGT — tactical MI vehicle / shelter sustainment, NSA / COCOM rotation, or contested-network exercise.
  • 10Promotion to E-6: 48 mo / 10 mo + ALC + cutoff + chain release.
Common Screwups
  • ×Treating leadership and tech as separate jobs. The SGT 35T who runs the section but stops turning the wrench loses the technical credibility the SPCs follow; the SGT who runs the tech but skips the counseling cadence loses the NCOER narrative the senior rater needs to write.
  • ×Skipping the senior cert stack. CCNP-Security, CASP+, CISSP, GIAC family — the post-service salary delta between an E-6 with Sec+ / Net+ only and an E-6 with the senior IAT-III stack and a CI poly is materially real (the cleared sysadmin / network-engineer market in DC / NoVA / Fort Meade pays $90K-$160K+ for the senior credential bundle).
  • ×Missing ALC. No SSG pin-on without it; slot availability tightens as the year-group moves into the zone. The SGT who passes on the slot because the timing was not right is the SGT who watches the SSG cutoff close while a peer pins.
  • ×Clearance behaviors at SGT — financial irresponsibility, security incidents, undisclosed foreign contacts — worse propagation than at E-4 because the periodic reinvestigation cycle for TS/SCI with CI poly catches more, the CI poly itself becomes the gate the SGT cannot self-report past, and the senior NCO chain reads the SGT-level incident as a leadership-judgment problem on top of a clearance problem.
  • ×DUI / Article 15 / drug pop — separation under AR 635-200 chapter 14, clearance revocation cascade, end of the warrant officer packet conversation, end of the 35Q / 17C conversion option, end of the senior-cert ACA funding pipeline, and the 35Z conversation off the table permanently.

A Day in the Life

  • 0500Wake. Coffee. Phone check for overnight alerts, any IAVA notifications, any incident reports from the on-call rotation. At E-5 you are typically in the on-call rotation for the section — the senior maintainer the privates and SPCs page when something breaks at 0300.
  • 0530PT formation. Take accountability for your team (3-5 soldiers), report to the platoon sergeant or senior NCO. The team you brought to formation is the team the MICO or brigade sees.
  • 0545-0700Section PT. As a SGT you set the team's PT plan — rotate cardio, strength, recovery, and the targeted work for the soldiers in your diagnostic-ACFT range. The team runs at your pace; the MI / cyber community is constantly reading the maintainer section for the soft-soldier stereotype, and your section's ACFT pass rate is the slide the brigade S2 SGM reads.
  • 0700-0900Hygiene, DFAC or barracks breakfast, change into OCPs. Walk to the SCIF systems room or the MICO maintenance bay. Sergeants typically arrive 15 minutes before first formation to clear the inbox, check overnight tickets, and read the brigade S2 / S6 IAVA scorecard before the morning stand-up.
  • 0900Morning stand-up. The senior maintainer or SSG NCOIC walks the previous day's metrics and the day's priorities. You brief your section's status — DCGS-A uptime, IAVA progress, project work, any incidents, COMSEC handling rotations. The OIC or warrant assigns new work directly to you for the team.
  • 0915-1130Section work. You run the team's daily project work — patch cycle preparation, AD cleanup in the team's delegated OU, STIG remediation, IAVA closure tracking, DCGS-A service-health checks, COMSEC sub-account daily entries. The privates and specialists do the hands-on work; you supervise, escalate, witness key loads on COMSEC, cover the harder tickets they bring you.
  • 1130-1300Chow. You eat with the other SGTs in the shop — the squad-leader rule that the SGT does not sit at the soldiers' table holds here. The senior NCO conversation at the SGT table is where the shop's informal communication happens.
  • 1300-1500Afternoon work. Counseling sessions if you have monthly DA 4856s due on your team (block 30 minutes per soldier, take it seriously). NCOER input cycles. School-packet review for soldiers you are sending to BLC or vendor schools. Project work continues; COMSEC inventory check on the section rotation.
  • 1500-1630Final huddle. SF 702 walk-around begins; SF 701 end-of-day SCIF checklist; classified destruction line if it is your day on the rotation; COMSEC containers locked and logged. Hand-receipt reconciliation; sensitive items checked in. The platoon sergeant or senior maintainer gives the next day's plan; you brief your team off it.
  • 1630Released, most days. The senior tech rotation runs on you — if there is a critical evening brief or a 24-hour maintenance window, you stay or come back for it. The on-call rotation may bring you back at 0200 for a system-down page.
  • 1700-2000Personal time. Family time if you are married (BAH-with-dependents at E-5 typically means off-post housing and a real family life). Single soldiers: gym, study, social. The cert stack at E-5 is the senior credentials — CCNP-Security, CASP+, CISSP, the GIAC family, cloud architect-level. The off-duty hours are still the cert-stack hours.
  • 2000-2200After-hours soldier conversations. The SGT's after-hours job is real at this rank — financial counseling for a soldier who got into a predatory loan, marital counseling routing for a soldier whose marriage is breaking, the soldier in the barracks who needs to hear from his SGT and not from his SSG. You route, you do not solve; ACS, S-1, SJA, MFLC, the chaplain are the offices.
  • 2200Lights out. Tomorrow starts at 0500.
  • Field rotation (CTC / FTX / contested-network exercise / NSA or COCOM rotation)You are the section NCOIC for the tactical comms / MI-systems element. Your team installs and sustains the brigade's Prophet Enhanced shelter, the BCT TOC SCIF, the tactical SIGINT extension, and the DCGS-A node through the rotation. Sleep is in shifts; the DCGS-A and the SIGINT processor have to stay up; the BCT CO's BUB has to happen on time. The senior maintainer, the warrant, and the OC/T watch how you sustain the iron at hour 200 — that read sets the next year of assignments. The 14-day rotation feels like 30. For an NSA or COCOM rotation, the OPTEMPO is different — sustained operational, less tactical-physical, but the analytic and IT-compliance standards are applied with the rigor the IC publishes.

Weekly Cadence

The week at E-5 in a BCT MICO maintenance section or brigade S2 systems cell runs on two parallel rhythms: the team's technical work and the team's soldier-care work. Monday is the heaviest planning day — the morning stand-up assigns the week's priorities, you brief the team off the plan, and you triage the soldier-level items (counseling sessions due, school packets in motion, NCOER inputs needed, COMSEC inventory rotation, CV check-ins via the SSO if a CV alert needs walking through). The senior maintainer and the warrant hand you the week's critical projects in the stand-up; your team's execution is what they read on Friday. Tuesday and Wednesday are typically the work-heavy days. The team runs the daily ticket queue, the patch-cycle preparation, the AD cleanup work, the IAVA closure tracking, the DCGS-A service-health passes, the COMSEC daily log entries. As the SGT you supervise the hands-on work, witness the COMSEC key loads, cover the harder tickets the privates and specialists escalate to you, and run a structured drill on a system you and your team are signed off on (federation handshake on DCGS-A, GPO push test in the lab OU, STIG hardening verification on a workstation batch). You take one counseling session per day at minimum on Tuesday-Thursday so the monthly DA 4856 cadence does not pile up at the end of the month. Thursday is often the senior-NCO project day — the brigade S2 / S6 working group, the IAVA review board, the cyber-readiness brief preparation, the change-management board if there is a major change scheduled. Friday is the company-level event and release; the team clears the queue, closes the IAVA tickets, walks the SF 702, and you brief the OIC on the week's deliverables. The week's other rhythm at E-5 is the senior cert stack and the WO / 35Q / 17C / 35Z conversation. CCNP-Security is a 9-12 month study commitment; CASP+ is a 3-6 month commitment; CISSP requires endorsed experience and is a multi-month commitment; the SANS / GIAC family is intensive and expensive but ACA-funded for select roles. The 255S / 352-series warrant officer packet conversation typically happens at the senior maintainer and warrant level in the shop — the warrant in the unit will mentor a SGT who is showing the technical depth and the leadership profile. The 35Q / 17C reclass conversation is still open at E-5 and the chain's recommendation is the leading indicator; pull the current HRC reclass MILPER for the timing window. The 35Z conversion conversation at SFC is on the horizon but not yet on the calendar — track the entry conditions and the prerequisite PME / experience matrix; verify the current eligibility rules with your career manager. CTC train-ups and rotations collapse the week's rhythm. When the brigade is in a CTC train-up cycle, garrison time becomes preparation time and family time becomes the conversation you have with your spouse about why you were not home for dinner three nights this week. The contested-network exercises, the Prophet Enhanced field rehearsals, the BCT TOC SCIF stand-up drills — the rhythm runs hot for weeks. On the back side, the garrison rhythm rebuilds, but the read the rotation left in the senior maintainer's head and the warrant's head does not.

Key Skills — How to Drill Each

  1. 01
    Lead a 3-5 soldier maintainer section through an MI systems site survey, install, validate, and sustain cycle — for a tactical SIGINT package (Prophet Enhanced shelter, BCT SIGINT extension), a SCIF infrastructure stand-up, or a theater Trojan family fit — to the unit Mission Essential Task List standard.
    The site survey is the most consequential hour of the field cycle — you walk the ground with the section, identify antenna line-of-sight and SATCOM geometry, plan cable runs that will not be cut by HMMWV or M-ATV traffic, identify generator placement and power redundancy, and document the layout before you commit. Brief your soldiers off the diagram with the same five-paragraph order discipline an infantry SGT uses on a squad-level OPORD: situation, mission, execution, sustainment, command and signal. Rehearse the install in garrison before the field problem — the team that has rehearsed the rack-and-stack and the receiver-to-processor signal flow is the team that comes up on the network in 6 hours, not 16. The senior maintainer's read on your section is set in the first 24 hours of the rotation; the warrant's read is set by hour 200.
  2. 02
    Run an Information Assurance Vulnerability Alert (IAVA / IAV) closure cycle on the MI enclave inside the published timeline — track, patch, validate, report — and defend the residual risk to the warrant and the S2 / S6 OIC.
    When the IAVA drops, the timeline is published in the alert message. Pull the affected-systems list within the first 24 hours; build the closure plan with patch deployment windows and a test ring; push the patches on the planned windows; run STIG Viewer or the IAVA-specific validation tool to confirm; report compliance to the brigade S2 / S6 OIC and the warrant. The IAVA scorecard rolls up monthly to brigade level; a missed timeline is a finding the BCT CO sees on the slide. For findings you cannot remediate inside the window (vendor-dependent patches, mission-impact tradeoffs, ATO-bounded exceptions), document the residual risk in a POAM with a milestone — the warrant signs the POAM and the brigade ISSM endorses it.
  3. 03
    Conduct a real change-management board on an MI network — risk, rollback, validation, sign-off — without the senior maintainer rewriting your package.
    Even a small change (firewall rule, GPO update, switch config, DCGS-A service config) goes through a documented CAB process: change description, risk assessment, rollback plan, validation criteria, sign-off chain. Build the brigade S6 / S2 CAB template into the section's standard procedure. The senior NCO who runs disciplined change-management is the one whose section never causes the 0200 outage during the BUB; the senior NCO who does not is the one the brigade S6 / S2 OIC has to defend in front of the BCT CO. Test the change in the lab OU before you push to production; validate the rollback procedure on the lab side; brief the change to the warrant and the SSG NCOIC before you execute. The SPCs and PFCs in your section follow how you run the board — that discipline is what the section will carry forward when you move up.
  4. 04
    Run the COMSEC account at the section level under AR 380-40 — EKMS / KMI key handling, LCMS / DTD log discipline, destruction line, semi-annual inventory inspection-ready.
    At SGT you are signing the daily log entries, witnessing the SPCs on key loads, running the destruction line on the section's rotation, and preparing the section for the semi-annual COMSEC inventory inspection under AR 380-40. The inspection is run by the unit COMSEC custodian and the SSO; findings roll up to the brigade S2 OIC. Page-count, signature, witness signature, log entry, container locked, SF 702 stamped — every single entry, every day. The SGT 35T who treats every daily entry like it is going to be audited is the SGT whose section clears the semi-annual inventory without a finding. The SGT who cuts a corner once is the SGT whose name appears in the inventory report — and the consequences in this MOS for an AR 380-40 violation are career-defining.
  5. 05
    Onboard a new specialist or PFC and have them productive on the maintenance floor in two weeks — STIG familiarity, JQR pipeline, ticket discipline, SCIF discipline, COMSEC handling habits built.
    Build a written onboarding checklist for the section — week-one shadow rotation with the senior maintainer, week-two solo tier-1 ticket work with the SGT supervising, week-three STIG familiarization and IAVA cycle observation, week-four ticket-discipline review and JQR first-signoff push. Counsel the new soldier on initial expectations within 30 days of arrival per AR 623-3 (DA 4856, required, signed, filed). The two-week productive standard is what differentiates a SGT who builds a team from a SGT who carries a team. The SPCs and PFCs you onboard well become the SPCs and PFCs the next SGT NCOIC inherits with the work already done; the SPCs and PFCs you onboard poorly become the next SGT's problem and the read on you stays with the section.
  6. 06
    Write an incident-response report to ARCYBER / brigade S2 standard — timeline, indicators, containment, eradication, recovery, lessons learned — and brief it to the BN / brigade S2 OIC without flinching.
    The NIST SP 800-61 incident-handling framework is the spine the Army quietly maps to. When the incident happens (phishing on a senior officer, credential compromise, malware on a DCGS-A workstation, USB device-class violation, cross-domain spillage), the timeline is the most important deliverable — every action with a timestamp, every indicator with a source, every containment step with the soldier who executed it. ARCYBER's reporting timeline is short; the IR ticket is your evidence. Eradication and recovery come from the runbook; lessons learned is the section's AAR. The report is what ARCYBER reads and what the brigade S2 / S6 OIC defends in front of the BCT CO at the next BUB. Brief it cleanly — the SGT who walks the IR brief without flinching is the SGT the OIC trusts with the next incident.

Manuals & References — What Chapters Matter

  • AR 25-1 — Army IT; AR 25-2 — Army Cybersecurity; AR 380-5 — Information Security; AR 380-40 — COMSEC
    At E-5 you are now the senior maintainer defending procedures the regs specify. AR 25-2 is the cyber side — account management, incident reporting, training compliance, system authorization. AR 25-1 is the policy roof. AR 380-5 governs your daily classified-handling life. AR 380-40 governs your COMSEC custodianship at section level. You will be quoted out of all four during your CCRI / CORA prep, the SSO's quarterly walk-around, the semi-annual COMSEC inventory, and the periodic IG cyber-readiness review. Tab the paragraphs your section's procedures depend on.
  • AR 381-10 — US Army Intelligence Activities; AR 381-12 — TARP; DoDD 5240.01 — DoD Intelligence Activities; EO 12333
    AR 381-10 governs Army intelligence activities and the Procedures 1-15 oversight rules — at SGT you are responsible for ensuring your section's daily work stays inside the boundary. AR 381-12 (TARP) is the self-reporting reg you brief your SPCs and PFCs on at counseling. DoDD 5240.01 and EO 12333 are the parent governance. The CI office, the SSO, and the IG inspect on all of these; the SGT 35T whose section knows the reporting windows is the SGT whose section does not generate the CI referral.
  • ICD 503 — IC IT Systems Security Risk Management; ICD 705 — SCIF Accreditation Standards; ICD 203 — Analytic Standards
    ICD 503 is the IC-wide IT compliance standard the CCRI / CORA grading framework maps to — at SGT you are now defending the unit's posture against it. ICD 705 is the physical-security standard for the SCIF — you support the SSO and the cognizant authority through the re-accreditation cycle. ICD 203 is the analytic standards the systems you maintain support — read enough to understand how source-citation discipline and confidence-call discipline depend on the systems your section keeps running.
  • DoDM 8140 — Cyberspace Workforce Qualification (the IAT chart you sign your soldiers off against)
    At E-5 you are responsible for ensuring your team is in compliance with DoDM 8140. The brigade S2 / S6 audit reads the unit roll-up and finds the soldier who is not IAT-compliant — and finds the SGT whose section the soldier is in. Know which IAT level each of your soldiers maps to and which credentials keep them current. The audit is conducted at brigade level quarterly; the unit-level workforce-qualification roll-up is the slide the BCT CO reads.
  • DoDM 5105.21 — SCI Administrative Security Manual; AR 380-67 — Personnel Security Program
    DoDM 5105.21 is the SCI admin-security plumbing — the day-to-day inside the SCIF. AR 380-67 governs your soldiers' continued eligibility — periodic reinvestigation, CI poly, foreign contact reporting, financial responsibility, lifestyle. The SSO inspects on both. At SGT you are the first-line NCO who counsels your soldiers on AR 380-67 requirements — and you are the NCO who flags a soldier's lifestyle drift before it becomes a CV alert.
  • NIST SP 800-53 — Security and Privacy Controls; NIST SP 800-61 — Computer Security Incident Handling Guide
    NIST SP 800-53 is the parent control set under every Army cyber reg — AR 25-2 maps to it, the RMF process consumes it, every ATO authorization package is built against it. NIST SP 800-61 is the IR playbook the Army quietly maps to — the four phases (preparation, detection and analysis, containment / eradication / recovery, post-incident activity) are the four sections of every IR report you write. The next CCRI auditor will ask you to walk through them; the answer is the one in NIST 800-61, not the one you improvise.

Standards — How to Hit Each

  • IAT-II maintained; IAT-III in hand or in motion depending on the billet (CCNP-Security, CASP+, or CISSP on the DoDM 8140 list).
    IAT-III is the senior IT certification floor — DoDM 8140-compliant credentials are CCNP-Security, CASP+, CISSP, GIAC family equivalents. The 8140 chart in the unit S2 / S6 SOP lists the specific certs that map. Recertification timelines vary — CCNP is 3 years with CEU options; CASP+ is 3 years with CE; CISSP requires CPE submission. Track the expiration in ATCTS and renew before the lapse — the lapsed cert removes you from the IAT-III billet, which removes you from the work the OIC was about to assign. ACA funds the exam fees through ArmyIgnitED; submit early in the fiscal year before the annual cap fills.
  • BLC graduate; ALC slot built and ready when the schedule drops; SLC packet conversation in motion for the SGT tracking toward SSG.
    ALC slot requests run through ATRRS via your S-1 / S-3 — submit through the SSG NCOIC as soon as the chain recommends you, typically 12 months before E-6 promotion zone. 35T ALC runs at the Signal NCO Academy or USAICoE NCO Academy depending on the cohort and the current course assignment. SLC packet (for E-7) starts the moment you pin SSG — slot availability for SLC tightens faster than for ALC because the senior-NCO inventory is smaller. Phone in ALC and the brigade S2 SGM will hear about it from the NCO Academy CSM.
  • Section IAVA closure at or above 95% inside the prescribed window; zero CAT-1 unresolved past the deadline.
    Track the section's metrics weekly in the brigade S2 / S6 IAVA scorecard. The 95% floor is what the brigade reports up; your section's number is the one that drives the unit roll-up. Build the team's discipline around IAVA categorization, patch-cycle scheduling, and closure documentation. The SGT whose section runs at 95%+ is the one the warrant and the OIC name in the slide; the SGT whose section runs at 85% is the one the warrant has to defend at the brigade S2 / S6 working group.
  • NCOER bullets in action-result-impact format — patch compliance %, ticket throughput, JQR pipeline velocity, IAVA closure rate, no demonstrated outstanding performance filler.
    Write your soldiers' NCOER bullets in measurable deliverables — led IAVA closure on 14 critical patches with 100% on-time compliance, sustained Prophet Enhanced uplink through 14-day JRTC rotation with 99.6% uptime, mentored 3 specialists through Sec+ certification with 100% first-sit pass rate, managed 240-workstation Windows 11 migration with zero unscheduled outages. The senior rater will call you for clarification on bullets that describe what the soldier did, not on bullets that read like a yearbook. Specific bullets pick up promotion points; generic bullets do not.
  • ACFT 560+ as a floor — the MI guys do not get to skip the test and the SCIF gets a reputation fast.
    PT compliance is the section's problem before it is the soldier's problem. Run section PT 2-3 days per week as the team leader; identify the soldiers in the diagnostic ACFT score range who need targeted work; pair them with strong-PT soldiers in the section for accountability runs. The brigade S2 / S6 senior NCO's slide tracks ACFT pass rate by section — the SGT whose section is below the brigade average is the one the senior NCO has the conversation with. The MI / cyber community has worked hard to shed the soft-soldier stereotype; do not put it back on your section.

Technical Mistakes — Concrete Consequences

  • Letting a junior maintainer act as IAT-II or IAT-III when they are not currently certified.
    The DoDM 8140 audit catches the uncertified soldier sitting in an IAT-coded billet, and the failure is on you as the team leader who signed the soldier into the role. The cleanup is a counseling that lives in your file, a corrective-action plan submitted to the brigade S2 / S6 OIC, and the soldier off the billet until the cert is sat. The brigade-level workforce-qualification roll-up reads the gap; the BCT CO sees it on the slide.
  • Counseling soldiers verbally without DA 4856 documentation.
    AR 623-3 requires written counseling — monthly minimum and event-driven on top. If the SPC's credential lapse, property-accountability slip, or COMSEC handling error is not in writing, the senior rater cannot defend you at the next NCOER cycle and the SSG NCOIC cannot help you when the chain asks why the soldier was not corrected sooner. The SGT 35T who counsels verbally is the SGT whose soldier reaches Article 15 territory with no paper trail and the chain finds the SGT was the proximate gap.
  • Bypassing the brigade S2 / SSO on a CI / TARP / insider-threat indicator your soldier surfaced.
    AR 381-12 (TARP) is not optional. The SSO will hear about the indicator from someone else first — the CI office, the SSO's own walk-around, the next CV alert cycle — and the brigade S2 OIC reads the gap as a leadership-judgment problem on top of the original indicator. The SGT 35T who routes a TARP indicator through the right channel inside the published window is the SGT the SSO trusts with the next one. The SGT who sits on it is the SGT whose name appears in the next CI summary.
  • Accepting a verbal change request from a senior officer in the SCIF without ticketing it through the CAB.
    The change blows up at 0200, there is no paper trail, and the only person on the phone is you. The senior officer who made the request does not remember making it; the SSG NCOIC and the OIC have to reconstruct what happened from logs. The cleanup is the change-management training the brigade S6 / S2 will roll out the next month — and your name is the example in the deck. The fix is one sentence: Sir / ma'am, I will open the ticket and we will execute through the CAB.
  • Loaning MI gear (a laptop, a DTD, a serialized cable kit, a portable storage device) without a sub-hand receipt.
    Property accountability on MI-specific kit is the line the Army does not let any NCO cross twice. The unsigned-out item becomes a missing item becomes a FLIPL becomes a counseling becomes an Article 15 in the worst case. The right answer takes 30 seconds — sub-hand receipt in DPAS / GCSS-Army or the local property book equivalent, signature, witness, copy in the binder. The wrong answer is months of paperwork and a permanent mark in your file. For MI-coded gear with classified-handling implications, the wrong answer also pulls in the SSO and the CI office.

Career Decisions at This Rank

  • Warrant officer (255S Information Services Technician / 255A Network Management Technician / 255N Network Operations Technician / 352-series MI Technician) packet.
    The 255S / 255A / 255N / 352-series WO path is the highest-impact technical career in the signal and MI-systems community. The packet (DA 61, command recommendation, ASB, board file, technical-skill documentation, NCOER bullets, prior school records, cert stack) is approachable at senior SGT or junior SSG with strong chain support. Selection rates vary by cycle but have historically run in the 30-50% range for fully-qualified packets in the 255 family; the 352-series MOS family has been restructured in recent years — verify the current 35T-feeding 352 MOS designators and selection rates with your career manager and the latest HRC warrant officer packet guidance. The school pipeline (WOCS at Fort Novosel followed by the MOS-specific WOBC at Fort Eisenhower or Fort Huachuca, several months total) puts you on a different career arc. The post-school role is the brigade S6 / S2 / MICO technical bench officer — the technical SME on the staff. The honest test: are you the soldier who keeps asking why the architecture is built the way it is built? If yes, the warrant path is where you belong.
  • 35Q (Cryptologic Cyberspace Intelligence Collector) or 17C (Cyber Operations Specialist) reclass at SGT.
    Reclassing at SGT means going through the school as an NCO with leadership credentials in addition to the technical training. The 35Q school pipeline at Fort Eisenhower (the renamed Fort Gordon, 2023) and the 17C school pipeline (also at Fort Eisenhower) run several months each and the wash rates are real. Post-school, 35Q NCOs serve in NSA / CSS-co-located cryptologic units and ARCYBER formations; 17C NCOs serve in Cyber Mission Force teams, the 780th MI Brigade, ARCYBER operational units, and joint cyber commands. The post-service market for 35Q and 17C-trained NCOs is materially stronger than for general 35T — the cleared cyber-operator market in DC / NoVA / Fort Meade pays $100K-$160K+ for the senior credential bundle. The chain's recommendation is the leading indicator; talk to the senior maintainer and the warrant about whether they will support the packet. Pull the current HRC reclass MILPER for the timing window and the post-service ADSO implications.
  • ALC slot timing — early vs late in the E-5 zone.
    ALC is the STEP gate for SSG (E-6) — no SSG pin-on without it. 35T ALC runs at the Signal NCO Academy or USAICoE NCO Academy depending on the cohort and the current course assignment, several weeks academic. Slot availability tightens as the year-group moves into the promotion zone; submit through ATRRS / S-3 12 months before zone-eligibility. The trade-off is missing the slot you wanted because the chain wanted you on a project or a CTC rotation. Talk to the SSG NCOIC about the chain's preferred timing; the answer is usually 12-18 months before you go board-eligible. Show up to ALC at standard PT with the section-leader habits already built — your record at ALC follows you back to the unit.
  • Reenlistment / RETAIN / indefinite-status at second-term ETS.
    The SRB (Selective Retention Bonus) for 35T and the CSRB (Critical Skills Retention Bonus) for the 35Q / 17C / cyber-side conversions are published in the current HRC SRB and CSRB MILPER messages and vary year over year. At E-5 the conversation with the retention NCO is structured around the 6-year vs 8-year vs indefinite-status decision. Indefinite-status (per AR 601-280) is available to soldiers who pin SSG and is the path for the soldier planning to make 20 years. The cleared-contractor market post-service is the comparison set — a $100K-$160K+ civilian cleared cyber-IT job vs the active-duty re-up package. The honest math: the soldier who plans a 20-year career takes indefinite status as soon as it is offered; the soldier who is unsure takes the 6-year option with the bonus and revisits at the next ETS. The trap: signing a 6-year option for the bonus when the family situation cannot sustain six more years.
  • Special-duty / Drill Sergeant / Recruiter / Cyber NCO instructor at Fort Eisenhower or USAICoE NCO instructor at Fort Huachuca.
    TRADOC special-duty assignments are 3-year tours that age you fast and visibly differentiate your career profile. The Drill Sergeant identifier is a known check at the E-7 board; the Recruiter identifier is a different career signal. Cyber NCO instructor at Fort Eisenhower (the renamed Fort Gordon, 2023) is the cyber-side TRADOC tour — teaching the next generation of 35Ts, 35Qs, 25Bs, and 17Cs at the Cyber Center of Excellence. USAICoE NCO instructor at Fort Huachuca is the MI-side TRADOC tour — teaching the next generation of 35-series soldiers at the Intelligence Center of Excellence. The cost: family quality-of-life is brutal during a Drill Sergeant tour; Recruiter tours move you to a small civilian community where you are the Army to your neighbors. The TRADOC instructor tours are gentler on family but the academic load is real. Some careers are made by SDA / TRADOC tours; some marriages are broken by them. Talk to NCOs who have done the tour before you volunteer.

How the Seat Varies by Unit Type

  • BCT MICO maintenance section / brigade S2 systems cell (IBCT, SBCT, ABCT)
    The most common E-5 assignment. As a SGT in a BCT MICO maintenance section or brigade S2 systems cell you are a team leader (typically 3-5 soldiers) covering a specific section of the brigade's MI footprint — DCGS-A administration, the Prophet Enhanced field-fit team, the SCIF networking and storage line, the COMSEC sub-account, tactical comms vehicle support. The work is broad; the leadership profile is the standard team-leader-in-a-tactical-shop pattern. The senior maintainer, the warrant, and the brigade S2 OIC are the leaders watching your read. CTC rotations (NTC for ABCT/SBCT, JRTC at Fort Johnson for IBCT/light, JMRC at Hohenfels for Europe-stationed BCTs) are the formative readings.
  • Divisional MI battalion / MEB MI element / Theater MI Brigade (470th JBSA / SOUTHCOM, 500th Schofield / INDOPACOM, 501st Korea, 66th Wiesbaden / EUCOM, 513th Fort Eisenhower / CENTCOM, 207th Africa)
    A deeper bench than the BCT and an operational-strategic seat. Divisional MI battalions support the division G2 across the brigades; theater MI brigades support a CCMD J2 with the strategic-SIGINT family (Trojan) and theater DCGS-A integration. SGTs in these units lead teams in deeper-technical work than the BCT MICO produces — the senior maintainer bench is bigger and the warrant officer slot count is higher. The 11th SB-T equivalents on the signal-systems side feed the same career arc. The OPTEMPO is different from a BCT (less tactical, more sustained operational), the family quality-of-life is materially better in many cases, and the post-service career arc weights theater experience for the technician and senior-NCO tracks.
  • 780th MI Brigade at Fort Eisenhower (the renamed Fort Gordon, 2023) / Cyber Protection Brigade
    The cyber-MI elite track. SGTs in a 780th MI Brigade slot lead small cyber-mission-force elements with TS/SCI with CI poly clearance and offensive / defensive cyber operations as the mission. The career math is different — these SGTs are on the warrant officer (170A cyber warrant) pipeline or the 17C / 35Q senior-NCO pipeline. The post-service market for cyber-operations NCOs is materially stronger than for general 35T — the cleared cyber-operator market pays at the top of the cleared IT salary band. Selection into a 780th slot at E-5 is competitive; the chain's recommendation and the cert stack are both leading indicators.
  • 706th MI Group at Fort Meade (NSA / CSS-adjacent) / INSCOM HQ at Fort Belvoir
    The national-strategic seat. The 706th MI Group operates alongside NSA / CSS infrastructure at Fort Meade and supports the cryptologic enterprise; INSCOM HQ at Fort Belvoir runs the above-brigade Army MI architecture. SGTs in these units lead teams on the IC-wide systems problem set — federated query infrastructure to national agencies, NSA / CSS-side enclave administration, INSCOM-level cross-domain solution support. The work is closed-access in ways a BCT shop is not. Career-defining for the 35T on a national-IC track; the post-service market into NSA / DIA / CIA / FBI civilian roles and into the IC contractor market (Booz, Leidos, SAIC, CACI, MITRE, Accenture Federal, ManTech) is the strongest in the MOS.
  • Joint or coalition staff (JTF J6 / J2 systems, NATO-led headquarters, INDOPACOM J6 augmentation, EUCOM J6 augmentation) / COCOM J2 / J6 strategic signal billet
    Uncommon at E-5 but possible for the soldier with the right cert stack, clearance, and chain support. These are joint headquarters IT and MI-systems shops — the joint task force communications and MI-systems backbone, the COCOM J6 / J2 directorates. Joint duty exposure compounds early; the SFC and MSG boards weight joint time, and getting it as an E-5 puts the soldier ahead of the standard timeline. The work is high-OPSEC; the standards are exacting. The cleared post-service market for joint-experienced senior cleared IT NCOs is the strongest tier of the IC contractor market.

What Good Looks Like at This Rank

The good SGT 35T runs a section the brigade S2 OIC names without thinking — DCGS-A uptime green, IAVA green, COMSEC clean, no surprises in the BUB, soldiers stacking Sec+, CCNA, CCNP-Security, and the 35Q / 17C / WO packets if they want them. The senior warrant on the team fights for him on the slate; the senior maintainer mentors him on the technician path; the contractor on rotation already has a phone call lined up for the day he files for ETS — the IC contractor market (Booz, Leidos, SAIC, CACI, MITRE, Accenture Federal, ManTech) is the constant fallback for the cleared senior maintainer with the cert stack and the CI poly. He does not announce himself. He runs his team the way the senior 35Ts ran their teams before him — counseling on the calendar, weekly stand-up, project assignments by competence not by favoritism, NCOER bullets that read in measurable deliverables. His section knows the IAVA timeline, the change-management board cadence, the COMSEC log discipline, and the SCIF handling rules cold — because he built the muscle memory at the section level over a year of consistent practice. His SPCs are sitting Sec+ on first attempt; his PFCs are clearing the SF 702 walk without anyone asking; his COMSEC sub-account clears the semi-annual inventory inspection without a finding. In the field his section comes up on the network in 6 hours because they rehearsed the rack-and-stack in garrison. The Prophet Enhanced shelter is at operational uplink before the BCT TOC SCIF stand-up is finished — because he ran the site survey honestly the first day and the cable runs are where they belong. The DCGS-A node does not drop because he validated the runbook with the team before the rotation started. The brigade BUB happens on time on day three because his uplink stayed up overnight on generator power and the SSG NCOIC sleeping in the back of the tent did not have to be woken up. The senior maintainer's read on him at hour 200 of the rotation is what sets the next year of school slots — ALC submission, the warrant officer 255S / 352-series packet conversation, the brigade-level project the warrant trusts him with next quarter. In garrison he runs disciplined change-management — every change goes through the CAB template, every IAVA closes inside the timeline, every patch deployment has a test ring and a rollback plan. His soldiers are 100% IAT-compliant under DoDM 8140; his section ACFT pass rate is above the brigade average; his NCOER bullets on his soldiers describe what each soldier did with numbers attached. When the centralized E-6 cutoff drops, he is sitting above the line on points and ALC is already complete. The chain releases him without hesitation, and the warrant is already working on the brigade-level project that will be his first SSG-rank platform.

Preview — The Next Rank

Staff Sergeant 35T (E-6) is the load-bearing senior MI-systems NCO rank — the squad-equivalent leader in the maintainer world. As an SSG you typically run a 10-15 soldier MI-systems shop — a DCGS-A administration platoon, a BCT MICO maintenance section at the senior-NCOIC level, a Prophet Enhanced maintenance bay, or a SCIF infrastructure cell at a named MI brigade (780th at Fort Eisenhower, 706th MI Group at Fort Meade, 470th at JBSA-Fort Sam Houston, 500th at Schofield, 501st in Korea, 66th at Wiesbaden, 513th at Fort Eisenhower supporting CENTCOM, 207th for Africa, INSCOM HQ at Fort Belvoir). You write the brigade MI-systems input to the QTB. You sit on the brigade IA governance board with the S2 and S6 OICs. You build the next two section sergeants into the SSG slate. You will brief brigade-level cyber and system-readiness posture to an O-6 at least once a quarter, and you will defend the residual-risk line to a colonel who wants the analytic line up tonight regardless of what the patch cycle says. The promotion math to E-7 SFC runs through the same AR 600-8-19 framework, with the senior-NCO inventory math tightening further. SLC (Senior Leader Course) is the STEP gate for SFC. MLC (Master Leader Course) is the next STEP gate beyond that. The 35Z conversion conversation at SFC becomes real on the calendar — 35Z is the senior 35-series career management field designator, and the conversion-path eligibility rules and prerequisite PME / experience matrix should be verified with your career manager and the latest HRC SELCONT MILPER, because the rules have moved over the years. The senior cert stack at SSG is where the post-service economic case crystallizes. CCNP-Security maintained, CASP+ or CISSP on the wall, the SANS / GIAC family for the cyber-deep soldiers, AWS / Azure / Red Hat architect-level for the cloud-leaning track. The cleared senior maintainer market at this rank with TS/SCI and CI poly is $100K-$160K+ in the DC / NoVA / Fort Meade / Colorado Springs / Tampa labor markets. The cleared contractor on rotation is now asking for your card before the rotation ends; the NSA / DIA / CIA / FBI / DHS / DoD civilian side is the comparison option for the senior NCO planning ETS. The warrant officer (255S / 255A / 255N / 352-series) packet conversation is now a decision, not a conversation — the SSG who decides yes submits the packet inside the next two cycles; the SSG who decides no commits to the senior-NCO track through E-7 / E-8 / E-9.
FAQ

35T E5 — Frequently Asked Questions

Q01What does a E5 35T (Military Intelligence (MI) Systems Maintainer/Integrator) actually do?
You own a 3-5 soldier maintainer section — the DCGS-A administration cell, a tactical SIGINT vehicle team, the SCIF networking and storage line, the COMSEC account, or the Prophet / Trojan maintenance bay.
Q02What's the most important thing to know as a E5 35T?
Sergeant 35T is the rank where you stop being the maintainer who turns the wrench and start being the NCO who signs for the iron the section runs.
Q03What does a typical day look like for a E5 35T?
Time-blocked day at the E5 35T rank tier: 0500 Wake. Coffee. Phone check for overnight alerts, any IAVA notifications, any incident reports from the on-call rotation. At E-5 you are typically in the on-call rotation for the section — the senior maintainer the privates and SPCs page when something breaks at 0300, 0530 PT formation. Take accountability for your team (3-5 soldiers), report to the platoon sergeant or senior NCO. The team you brought to formation is the team the MICO or brigade sees, 0545-0700 Section PT. As a SGT you set the team's PT plan — rotate cardio, strength, recovery,…
Q04What mistakes get E5 35T soldiers fired or relieved?
Treating leadership and tech as separate jobs. The SGT 35T who runs the section but stops turning the wrench loses the technical credibility the SPCs follow; the SGT who runs the tech but skips the counseling cadence loses the NCOER narrative the senior rater needs to write; Skipping the senior cert stack. CCNP-Security, CASP+, CISSP,…
Q05What career decisions matter most at the E5 35T rank tier?
Warrant officer (255S Information Services Technician / 255A Network Management Technician / 255N Network Operations Technician / 352-series MI Technician) packet — The 255S / 255A / 255N / 352-series WO path is the highest-impact technical career in the signal and MI-systems community. The packet (DA 61, command recommendation, ASB, board file, technical-skill documentation, NCOER bullets, prior school records, cert stack) is approachable at senior SGT or junior SSG with strong chain support.…
Q06What's next after E5 for a 35T (Military Intelligence (MI) Systems Maintainer/Integrator) in the Army?
Staff Sergeant 35T (E-6) is the load-bearing senior MI-systems NCO rank — the squad-equivalent leader in the maintainer world.
Q07What manuals and regulations does a E5 35T need to know cold?
AR 25-1 — Army IT; AR 25-2 — Army Cybersecurity; AR 380-5 — Information Security; AR 380-40 — COMSEC.; AR 381-10 — US Army Intelligence Activities; AR 381-12 — TARP; DoDD 5240.01 — DoD Intelligence Activities.; ICD 503 — IC IT Risk Management; ICD 705 — SCIF Accreditation; ICD 203 — Analytic Standards (you support the analysts who live by it).

This playbook has no tips yet. Be the first to share what you know.

Published by the Honest MOS Editorial DeskVerified against DoD/.gov sourcesUpdated May 2026Editorial standards