Skip to main content
HonestMOS
InvestigationsCongress made VA disability claims free to file. An entire industry charges veterans anyway — and nobody can stop them.
Back to 35T Military Intelligence (MI) Systems Maintainer/Integrator — overview, pay, training, civilian translation, reviews
35TE6

Military Intelligence (MI) Systems Maintainer/Integrator

E-6 (Staff Sergeant) · Army

HEADS UP

Staff Sergeant 35T is where the title 'MI Systems Maintainer / Integrator' stops being a help-desk job and starts being the senior enlisted technical authority for the brigade's MI iron. You own 6-12 maintainers, you sit on the brigade IA governance board next to the S2 OIC, the senior MI warrant, and the SSO, and you defend the residual-risk line to a colonel who wants the analytic line up tonight regardless of what the patch cycle says. ALC is behind you; the SLC packet at the Cyber Center of Excellence NCO Academy at Fort Eisenhower (formerly Fort Gordon, renamed 2023) is in motion; the 255A / 352-series warrant officer conversation is on your desk every quarter; the IAT-III stack (CCNP-Security, CASP+, CISSP) under DoDM 8140 is the senior credential ladder the post-service market reads.

The Honest MOS Read
Staff Sergeant 35T is the rank where the Army stops calling you a maintainer and starts treating you as the senior enlisted technical authority for a Military Intelligence shop's iron. You are the SSG running a brigade MICO maintenance section, a DCGS-A administration platoon, a Prophet or Trojan maintenance bay, a SCIF infrastructure cell at a named MI brigade, or a senior 35T billet at an INSCOM enterprise team. The named MI units you might find yourself in at this rank — the 706th MI Group at Fort Meade alongside NSA / CSS infrastructure, the 470th MI Brigade at JBSA-Fort Sam Houston, the 500th MI Brigade at Schofield, the 501st MI Brigade in Korea, the 66th MI Brigade in Wiesbaden, the 780th MI Brigade at Fort Eisenhower (formerly Fort Gordon, renamed in 2023), INSCOM HQ at Fort Belvoir, PEO IEWS staff at Aberdeen Proving Ground — are the institutional homes of the senior 35T community. The SSG 35T slot is the place where the cert stack you have been grinding since PFC starts producing real authority — and where the senior NCO job starts genuinely outweighing the wrench-on-iron job. The shop you own at SSG runs 10-15 soldiers in most BCT MICO and MI-brigade configurations. Two section sergeants (SGTs) report to you directly. Eight to twelve specialists and PFCs are working the DCGS-A workstation imaging cycle, the Prophet vehicle motor pool sustainment, the JWICS / NSANet / SIPR / NIPR enclave administration, the COMSEC inventory under AR 380-40, the IAVA tickler queue against the DISA STIGs published at public.cyber.mil, the SCIF infrastructure work under ICD 705, and the unglamorous compliance grind nobody told them is the senior 35T's signature. You write the section's input to the brigade S2 captain or major. You sit on the brigade IA governance board alongside the brigade S6 OIC, the SSO, the senior MI warrant officer (often a CW2 / CW3 from the 255 or 352 series), the brigade ISSO, and the brigade S2. You are the senior enlisted MI-systems voice when the brigade S2 OIC briefs the BCT CDR at the BUB on the analytic line's posture — DCGS-A uptime, COMSEC clean, IAVA compliance, SCIF accreditation status, ongoing incidents, the residual risk on the open dashboard. The promotion-to-E-7 math runs through AR 600-8-19: 96 months TIS / 24 months TIG (waivable in limited cases), DA 3355 points worksheet for SPC-and-below ratings, the centralized HRC SFC board (paper read, secondary zone vs primary zone, MILPER-message-published results). The Senior Leader Course (SLC) is the STEP gate for SFC — 35T SLC runs through the Cyber Center of Excellence NCO Academy at Fort Eisenhower for the signal-aligned curriculum, and the MI senior NCO institutional pipeline at the U.S. Army Intelligence Center of Excellence (USAICoE) NCO Academy at Fort Huachuca for the MI-aligned curriculum — verify the current 35T SLC sequencing with the brigade S3 and the brigade MI senior NCO chain, because the 35T sits in the seam between the signal community and the MI community and the SLC slot depends on the current MOS-proponent assignment. Without SLC complete, no SFC pin-on regardless of board score. The Master Leader Course (MLC) is the next gate — 14 days at NCOLCoE Fort Bliss — and the MLC packet is the senior NCO institutional credential the board reads at the next centralized look. The cert stack at E-6 is where the senior IT / MI-systems credentials become the post-service market package. CCNP-Security or CCNP-Enterprise (Cisco Certified Network Professional, the senior networking credential), CISSP (Certified Information Systems Security Professional — the ISC2 apex security credential, DoDM 8140-compliant for IAT-III and IAM II/III roles), CompTIA CASP+ (Advanced Security Practitioner — alternative IAT-III credential), the SANS / GIAC family (GSEC, GCIH, GCIA, GCFA, GREM — expensive but ACA-funded for select roles), the AWS / Azure / Google Cloud architect-level credentials, Red Hat RHCE for senior sysadmin work, vendor and platform credentials on the MI-system stack the unit fields (DCGS-A administrator certifications, Trojan / Prophet field engineer course graduations where the program office offers them). An SSG 35T with CCNP-Security plus CISSP plus a TS/SCI in good standing plus a CI poly is one of the most marketable enlisted profiles in the entire Army for the IC contractor market — the day-one civilian salary range at Booz, Leidos, SAIC, CACI, MITRE, Accenture Federal, or ManTech sits in the $130K-$180K band depending on geography and clearance currency. The 255A and 352-series warrant officer conversation becomes structural at this rank. The 255A Information Services Technician warrant is the senior signal / IT technical warrant track; the 352-series MI technician warrants (352N Signals Collection Technician, 352S Signals Collection Technician variants by current HRC alignment — pull the current MOS-mapping MILPER) are the MI-aligned technical warrant track. The 35T sits structurally between the two pipelines. The packet is approachable at SSG with the right cert stack, NCOER profile, senior officer endorsement chain (brigade S2 OIC plus senior MI warrant plus brigade CSM plus the warrant officer recruiting team at Fort Knox), and a defensible packet timeline. Selection rates run competitively — pull the published HRC warrant officer accession board results for the current cycle, because the rate moves year over year and historical cohorts have run sub-50% in tight years. The decision shapes the next 15 years: 255-series and 352-series warrant officers are the senior technical voice the brigade S2 OIC and the brigade S6 OIC trust to design and defend the MI / signal enclave architecture, and the post-CW3 / CW4 contractor market is the strongest in the entire enlisted-to-warrant pipeline. The 35Z (Career Management Field 35 senior NCO) conversion conversation is on the horizon at SFC, not at SSG — but the SSG who is paying attention is already pre-positioning the NCOER bullets, the senior MI NCO mentor relationships, and the institutional credential profile that makes the SFC-rank 35Z conversion competitive when the time comes. Verify the current HRC eligibility rules with the career manager before committing the soldier or yourself to the conversion path; the eligibility windows and PME prerequisites move with the centralized board cycle and the MI Corps senior NCO inventory.
Career Arc
  • 01E-6 pin-on (post-ALC, post-cutoff, post-chain release, post-cert stack maturation).
  • 02Shop NCOIC assignment — 10-15 soldier MI systems shop: BCT MICO maintenance section, DCGS-A administration platoon, Prophet / Trojan maintenance bay, SCIF infrastructure cell, or named-MI-brigade enterprise team.
  • 03Senior cert stack maturation: CCNP-Security / CCNP-Enterprise, CISSP or CASP+, vendor / platform credentials on the MI-system stack, ACA-funded GIAC family where the unit supports the voucher.
  • 04TS/SCI in good standing with CI poly current; clearance-reinvestigation cycle protected through financial discipline and SF-86 transparency.
  • 05255A / 352-series warrant officer packet decision — build the packet 12-18 months out from the relevant HRC accession board window.
  • 06SLC slot — sequenced via the brigade S3 and the brigade MI senior NCO chain; STEP gate for E-7.
  • 07MLC packet build at NCOLCoE Fort Bliss; centralized SFC board read; primary-zone competitiveness shaped 24-36 months out.
Common Screwups
  • ×DUI / Article 15 / drug pop at SSG — separation under AR 635-200 chapter 14, clearance revocation cascade under AR 380-67 and DoDM 5105.21, 255 / 352 warrant packet dead, every senior-cert ACA voucher recouped, the soldiers you mentored re-read by the clearance reinvestigation system because of access-overlap. The 35T community is small and tight; the read propagates inside the MI / signal senior NCO network within a quarter.
  • ×Fraternization with junior soldiers in the shop. The MI shop is a closed-access environment and the NCO/junior-enlisted line is the brightest in the Army at this rank. AR 600-20 chapter 4 is the reg the brigade CSM reads when the climate complaint surfaces, and the SSO is in the loop because the clearance reinvestigation may pull the relationship as derogatory information.
  • ×Financial mismanagement at the cert-bonus and SRB tier. Specialty pay, cert bonuses, and the SRB at this rank put real money through the account; senior MI NCOs whose clearance reinvestigation flags debt or garnishments lose the TS/SCI, the CI poly, and the warrant officer option in the same week.
  • ×Public disagreement with the brigade S2 OIC, the senior MI warrant, or the BCT CSM. SSG 35Ts are senior enough that command-team disagreement is read as a climate failure, not a technical one. Take it in the office; walk out aligned, or push back in writing through the right echelon.
  • ×Underestimating the SHARP / EO / climate piece in a closed-access workforce. Senior MI NCOs are not exempt — the brigade IG reads the shop's climate-survey results, the SSO and the brigade S2 SGM both see the trend lines, and a senior NCO whose shop produces SHARP findings is the senior NCO who does not pin SFC primary zone.

A Day in the Life

  • 0500Wake. PT uniform on. Phone check — overnight shop emergencies. Help-desk on-call rotation: someone's DCGS-A query node bricked, the JWICS link at the brigade SCIF dropped a route, the AD replication failed between two domain controllers on the SIPR enclave, the brigade S2 needs a CAC reset before he briefs the BCT CDR at 0630, the senior MI warrant just got a TARP indicator on a soldier and wants a meeting at 0700.
  • 0530PT formation. Brigade MICO or brigade S2 element falls in with the BCT HHC formation, or the MI battalion at INSCOM falls in with its own formation. You report shop accountability to the platoon sergeant or the senior MI warrant. Wednesdays are brigade run; the MI element runs with the BCT.
  • 0545-0700Unit PT. You run the shop's plan — the senior 35T sets the PT cadence for the MI-systems element. Hex bar / lifts on Tuesday, sprint-drag-carry circuits on Thursday, the 2-mile run on Friday. The SSG who skips PT to "go check on a DCGS-A box" is the SSG whose ACFT score on the brigade slide tells the BCT CDR the answer.
  • 0700-0830Hygiene, breakfast, change to OCPs. Walk through the SCIF on the way to the office — quick read on overnight tickets, the IAVA dashboard, the patch posture, the COMSEC inventory status. Brigade BUB prep with the brigade S2 OIC and the senior MI warrant at 0815.
  • 0830-0900Brigade BUB. The brigade S2 OIC briefs the BCT CDR and the staff; the senior MI warrant briefs the analytic-system technical posture. You sit behind the OIC and the warrant with the MI-systems status slide ready — DCGS-A uptime, COMSEC clean, IAVA compliance, SCIF accreditation status, open CAT-1 / CAT-2 findings, incidents in progress. The BCT CDR asks three questions; you have the answer to the third one cued.
  • 0900-1100Shop work. Walk the SCIF floor — the two SGTs run their sections, you read the tickets in progress, you mentor a SGT writing a counseling form on a specialist who missed an IAVA remediation deadline. RMF artifact work for the next ATO renewal with the brigade ISSO at 1000; coordinate with the SSO on an ICD 705 closure milestone at 1030. The 255A or 352-series warrant packet sits open on your other monitor.
  • 1100-1300Chow. Wednesdays you eat with the brigade S2 OIC, the senior MI warrant, and the BN S2 NCOs from the line battalions — informal coordination on the brigade-wide MI-systems posture, the next CTC rotation's comms and SCIF plan, the senior NCO slate read. The senior MI warrant occasionally pulls you into a warrant-NCO conversation about a soldier in the packet pipeline.
  • 1300-1500Afternoon technical work. Defending a CCRI or ICD 705 closure milestone, walking the brigade ISSO through the next ACAS vulnerability scan, briefing the brigade S2 on an indicator-of-compromise the SOC reported. Or training: bench-build a CCNP lab for the section's next cert candidate or a DCGS-A administrator-training session for a soldier in the JQR pipeline.
  • 1500-1630Counseling cadence. AR 623-3 monthly DA 4856 counselings for the two SGTs. NCOER input drafts for the BN S2 senior NCO's rated soldiers (you provide bullets for soldiers the BN S2 senior rates but you observed daily). The SSG who runs counseling monthly is the SSG whose NCOERs at the centralized board read clean.
  • 1630-1730End-of-day walk. Sensitive items, the COMSEC inventory sign-off, the AGM image refresh status, the night-shift help-desk handover, the SCIF closure protocols with the SSO if applicable. Lock the office.
  • 1730-1900Personal time. Married SSGs: family. The post-service market conversation is real at this rank — LinkedIn currency, networking with the cleared contractors at the Cyber Center of Excellence and USAICoE career fairs, the cert-stack pacing for the next 18 months. If you are 12 months out from the 255 / 352 warrant board, the warrant packet is on the kitchen table.
  • 1900-2100Study. The cert stack does not build itself. CCNP-Security study on Tuesday / Thursday; CISSP review on Wednesday; the SANS / GIAC podcast on the drive home; STP 34-35T review when a JQR signoff session is on the calendar. The senior 35T who stops studying at SSG is the senior 35T whose post-service salary stops compounding.
  • 2100-2200After-hours coordination. The shop's on-call rotation includes you for after-hours brigade-level MI-systems incidents. A JWICS outage at the brigade SCIF at 2130 means you are on the phone with the SGT on duty walking him through the troubleshooting, coordinating with the senior MI warrant on residual-risk acceptance if the analytic line has to come down, or driving back to the brigade HQ.
  • 2200Lights out.
  • Field rotationThe clock collapses. JRTC at Fort Johnson, NTC at Fort Irwin, JMRC at Hohenfels, JPMRC in the Pacific — you are walking the brigade SCIF and the MICO, validating the DCGS-A query nodes, the Prophet platforms, and the SIPR / JWICS uplinks; owning the rotation's IAVA / patch posture; running the IR cycle through the contested-network injects; coordinating with the senior MI warrant on residual-risk acceptance; briefing the brigade S2 OIC and the BCT CDR daily. The 18 hours feels normal; you are running on coffee, motor pool sleep, and the rotation's adrenaline.

Weekly Cadence

Monday is the heaviest planning day. You read the BCT CDR's Friday release, the brigade S2 OIC's Sunday-night priorities, the senior MI warrant's architecture-board notes, the ARCYBER and INSCOM FRAGOs that came through over the weekend. By mid-morning you have the shop's plan for the week aligned: which sections are running which DCGS-A patch cycles, which CCRI / ICD 705 closure milestones are due, which RMF artifacts the ISSO needs sign-off on, which counselings are scheduled, which COMSEC inventory reconciliations are on the calendar. Brief it to the two SGTs at 1000; lock it Friday afternoon for the following week. Tuesday through Thursday is execution. You walk the SCIF floor daily, sit at the brigade BUB Wednesday with the brigade S2 OIC and the senior MI warrant, attend the brigade IA governance board Thursday afternoon, and run the RMF artifact reviews with the brigade ISSO. The brigade-level coordination is the SSG-rank work — the BN S2 senior NCOs from each line battalion coordinate with you informally on the brigade-wide MI-systems posture, the IAVA closure cadence, the next CTC rotation's SCIF and comms plan, and the senior MI warrant's residual-risk acceptance on any open vulnerability windows. Friday is the week's closure. End-of-week IAVA / patch report, ICD 705 SCIF accreditation milestone update, and COMSEC inventory roll-up to the brigade ISSO, the SSO, and the senior MI warrant for the brigade S2 OIC's read. NCOER deadlines hit at the end of the cycle and you are reviewing the SGTs' counseling input and your own NCOER bullets the senior rater will see. The week's third rhythm — the brigade-level institutional work — runs over months: the SLC slot scheduling, the MLC packet build, the 255A / 352-series warrant packet, the cert-stack pacing, the 35Z pre-positioning conversation, the post-service market conversation. The SSG who treats Friday as just an end-of-week formation is the SSG whose institutional credentials drift; the SSG who builds the institutional packet over 24-36 months is the SSG who pins SFC primary zone.

Key Skills — How to Drill Each

  1. 01
    Run a brigade-level MI network architecture conversation — VLAN scheme, IP plan, redundancy, growth roadmap across NIPR / SIPR / JWICS / NSANet enclaves — without hiding behind the senior MI warrant or the brigade S6 OIC.
    Sit with the brigade S2 OIC, the senior MI warrant, and the brigade S6 OIC quarterly and walk the architecture top to bottom: the NIPR / SIPR / JWICS / NSANet enclave separation, the VLAN allocation per MICO platoon and per brigade staff section, the IP-plan blocks reserved for the next field problem, the redundancy posture for the BCT TOC and the brigade SCIF during a CTC rotation, the 6-month growth roadmap as new DCGS-A versions or new MI-system fielding pushes through the brigade. Draw it on the whiteboard from memory; cite the relevant DoDM 5105.21 SCI handling controls and the ICD 503 / 705 risk-management framework. The senior MI warrant who has to draw it for you is the warrant who names a different SSG to brief the BCT CDR. The SSG who can defend the architecture without notes is the SSG the brigade S2 OIC and the senior MI warrant take to the brigade BUB.
  2. 02
    Defend a cybersecurity finding at the brigade Command Cyber Readiness Inspection (CCRI), Command Cyber Operational Readiness Inspection (CORA), or SSO-led ICD 705 SCIF accreditation review — own the gap, present the closure plan, hit the milestone, document the residual risk for the senior MI warrant to sign.
    CCRI and CORA are the DISA-led / ARCYBER-led inspections that audit the brigade against DoDI 8500.01 / 8510.01 / DoDM 8140 controls and the relevant DISA STIGs; ICD 705 governs the SCIF accreditation cycle the SSO chairs. The senior MI-systems NCO in the shop is the soldier the brigade S2 OIC sends to the in-brief and the out-brief. Build the artifact binder 60-90 days out: STIG checklist evidence, IAVA closure documentation, RMF authorization-to-operate (ATO) packets, ACAS vulnerability scan reports, mitigations for any CAT-1 / CAT-2 findings, ICD 705 SCIF physical-security artifacts, COMSEC inventory under AR 380-40 with the SF 153 / DA 3964 cover sheets reconciled. Brief the closure plan, own the milestones, and have the inspector's name correct when you walk him through the SCIF. The brigade S2 OIC and the senior MI warrant name the SSG who carries the inspection without surprises.
  3. 03
    Build a six-month training plan that produces one CCNP-grade or CISSP-grade NCO and two Security+ / CCNA-grade specialists on the MI enclave under DoDM 8140.
    Map the shop's IAT-II / IAT-III requirements under DoDM 8140 against soldier inventory and produce a training calendar that gets the right soldiers to the right credentials in the right order. Pace ACA voucher consumption against the published annual cap (the cap moves year over year per the Army Credentialing Assistance MILPER message). Stack ACA with Tuition Assistance for the related coursework. Coordinate with the brigade S3 and the brigade MI senior NCO chain on Foundry seats at USAICoE Fort Huachuca where the curriculum applies. Track in ATAAPS / GTIMS and brief progress monthly to the brigade S2 OIC and the senior MI warrant. The SSG who graduates two CCNAs and a CCNP or CISSP per fiscal year is the SSG whose NCOER bullets are defensible at brigade.
  4. 04
    Operate as the senior MI systems NCO on a CTC rotation — JRTC at Fort Johnson, NTC at Fort Irwin, JMRC at Hohenfels, JPMRC in the Pacific — through the entire force-on-force without losing the DCGS-A analytic line, the COMSEC, or the SIGINT collection picture.
    The CTC rotation is the brigade's external evaluation, and the MI-systems posture during a contested-network exercise is the senior MI NCO's signature deliverable. Walk the brigade S2 shop and the MICO during installation, validate the DCGS-A query node and the Prophet / Trojan platforms before the OC/T's first pass, own the rotation's IAVA / patch posture, run the IR cycle during the rotation's contested-network injects, coordinate with the senior MI warrant on residual-risk acceptance when the analytic line has to stay up through a controlled vulnerability window. The OC/Ts at the CTC write the rotation grade for the brigade S2 staff and the MICO; the brigade S2 SGM and the senior MI NCO chain read it. The SSG whose MI systems posture survives the force-on-force without a flag is the SSG the brigade S2 OIC names on the next NCOER as Most Qualified.
  5. 05
    Translate MI-system risk to a non-technical CO / CSM in language they will repeat without rewording — 'the analytic line is up but the redundancy is down' instead of vendor jargon.
    The BCT CDR and CSM are not cyber operators or MI-systems engineers. They are operational commanders who need the MI-systems risk read in 90 seconds, in language they can use at the next higher echelon's BUB. Build the analogy library: 'an unpatched DCGS-A workstation is a SCIF tent with the canvas open'; 'a CAT-1 STIG finding is a sensitive item not signed for'; 'a degraded JWICS link is a TOC without commo — the analyst is still in the chair but the picture stops moving'. Coordinate the language with the senior MI warrant and the brigade S2 OIC so the brief reads cleanly across the staff. The SSG who can make the CSM say it back correctly to division is the SSG the brigade names in the slide.
  6. 06
    Mentor your two section sergeants on NCOER writing, board prep, and the cyber-reclass (35Q / 17C) and warrant officer (255A / 352-series) conversations honestly.
    Quarterly counseling on DA 4856 with a development objective tied to the next board cycle. NCOER bullets that name a measurable outcome ('DCGS-A uptime 99.2% across 24 query nodes over 4 quarters' beats 'demonstrated outstanding analytic-system performance') under AR 623-3 and DA PAM 623-3. The SSG who graduates two SGTs to SSG-promotable in 36 months is the SSG the brigade S2 OIC and the senior MI warrant fight for on the senior NCO slate. The 35Q (Cryptologic Network Warfare Specialist) reclass, the 17C (Cyber Operations Specialist) reclass, the 255A warrant packet, and the 352-series MI technician warrant packet conversations are honest at this rank — the selection rates run competitively, the schools eat 6-18 months, the family separation is real. Lay it out; do not sell it.

Manuals & References — What Chapters Matter

  • NIST SP 800-53 — Security and Privacy Controls for Information Systems; NIST SP 800-171 — Protecting Controlled Unclassified Information in Nonfederal Systems.
    The control catalog and CUI framework every Army cyber and MI program inherits. You will be referencing specific control families (AC, AU, CM, IA, IR, RA, SC, SI) in CCRI / CORA closure plans and ATO packets. Know the families cold; look up the specific controls by reference. The brigade S2 OIC and the senior MI warrant who see the SSG cite 800-53 controls correctly in a closure plan are the leaders who take the SSG to the next IA governance board.
  • DoDI 8500.01 — Cybersecurity; DoDI 8510.01 — Risk Management Framework (RMF) for DoD IT.
    The DoD-level cybersecurity policy and the RMF instruction that drive every Authorization to Operate (ATO) and continuous ATO (cATO) packet the shop supports. The six RMF steps (Categorize, Select, Implement, Assess, Authorize, Monitor) are the workflow the GS-13 ISSO at the brigade walks the SSG through. The SSG who treats RMF as 'the ISSO's job' is the SSG who fails the next CCRI; the SSG who owns the bridge between the RMF artifacts and the shop's daily work is the SSG the brigade S2 OIC names in the slide.
  • ICD 503 — IC IT Risk Management; ICD 705 — Sensitive Compartmented Information Facilities; ICD 203 — Analytic Standards.
    The IC-level standards the MI enclave runs under. ICD 503 governs the IC IT cybersecurity framework; ICD 705 governs SCIF physical-security accreditation (the SSO chairs the cycle, but the senior MI-systems NCO signs for the IT-infrastructure side); ICD 203 governs analytic-product tradecraft (the senior 35T does not write analysis, but the systems he sustains carry it, and the IC-level standard matters for the IC-detail billets in the senior 35T's future).
  • AR 25-1 — Army IT; AR 25-2 — Army Cybersecurity; AR 380-5 — Information Security; AR 380-40 — Communications Security; AR 380-67 — Personnel Security; AR 381-10 — US Army Intelligence Activities; AR 381-12 — TARP.
    The Army-side compliance regs the MI shop lives under. AR 25-1 / 25-2 cover IT and cybersecurity; AR 380-5 governs classified material handling; AR 380-40 governs COMSEC (the senior 35T signs for COMSEC under this reg and the SF 153 / DA 3964 cover sheet cycle); AR 380-67 governs personnel security and clearance; AR 381-10 is the US persons / intelligence activities reg the IG inspects against in the MI community; AR 381-12 is the TARP indicator-and-warning reporting requirement.
  • DoDM 8140 — Cyberspace Workforce Qualification and Management; DoDM 5105.21 — Sensitive Compartmented Information Administrative Security Manual; DoDD 5240.01 — DoD Intelligence Activities.
    The DoD-level manuals that govern the cyber workforce qualification posture (the senior 35T audits the shop's IAT-II / IAT-III seat-to-soldier mapping against DoDM 8140) and the SCI administrative security posture (DoDM 5105.21 is the apex SCI admin reg; the senior MI-systems NCO partners with the SSO on the unit's compliance posture). DoDD 5240.01 is the apex DoD intelligence activities directive.
  • STP 34-35T — Soldier Training Publication for the 35T military occupational specialty; DISA STIGs at public.cyber.mil for the platforms the shop administers; MITRE ATT&CK framework.
    STP 34-35T is the MOS-specific training publication that anchors the JQR / OJT signoff progression for the shop's junior soldiers; the senior 35T teaches against it. DISA STIGs are the system-specific hardening checklists every CCRI / CORA closure plan references. MITRE ATT&CK is the adversary tactics catalog ARCYBER increasingly maps incident reports against; the brigade S2 OIC who sees the SSG cite ATT&CK technique IDs in the IR after-action report is the OIC who takes the SSG to the next cyber-strategy working group at the Cyber Center of Excellence at Fort Eisenhower.

Standards — How to Hit Each

  • SLC graduate; MLC packet built; consider the Cyber Center of Excellence senior-NCO offerings at Fort Eisenhower and the USAICoE Foundry catalog at Fort Huachuca as the visible MI / signal differentiator.
    SLC is the SFC STEP gate; the 35T slot sequencing runs through the brigade S3 and the brigade MI senior NCO chain (verify the current proponent-school assignment because the 35T sits in the seam between Cyber Center of Excellence and USAICoE pipelines). Book the slot 12 months out; the cohorts fill. MLC is the next institutional gate (14 days at NCOLCoE Fort Bliss). The Cyber Center of Excellence senior-NCO catalog and the USAICoE Foundry advanced catalog are voluntary, visible cyber / MI credentials that the senior NCO slate reads. The SSG with SLC plus MLC packet plus CCoE / USAICoE senior catalog on the slide is the SSG the brigade S2 OIC names primary zone for SFC.
  • CCNP-Security or CCNP-Enterprise; CISSP or CASP+ if tracking toward warrant officer or contractor space.
    The CCNP family runs through Cisco's certification track — CCNA prerequisite, then the CCNP core (350-701 ENCOR for Enterprise, 350-701 SCOR for Security) plus a concentration exam. Plan for 6-9 months of self-study with ACA-funded boot camps. CISSP requires 5 years of cumulative security work experience (your 35T time counts) plus the ISC2 exam. CASP+ is the alternative IAT-III credential. The CISSP is the credential the 255 / 352 warrant board reads; the CCNP is the credential the contractor recruiter reads; both are DoDM 8140 IAT-III qualifiers for the senior MI-systems billets.
  • Section IAVA compliance over the last 4 quarters at or above 98%; zero CAT-1 unresolved past the published window; SCIF ICD 705 accreditation defensible; COMSEC inventory clean under AR 380-40.
    IAVAs are tracked in the DoD CMRS dashboard and the brigade's local compliance system. The 98% threshold is the senior MI-systems NCO bar at brigade; the BCT CDR reads the slide quarterly. Build the patching cadence around the published IAVA windows; never let a CAT-1 sit past the window. SCIF accreditation under ICD 705 runs through the SSO; the senior 35T owns the IT-infrastructure side. COMSEC inventory under AR 380-40 reconciles monthly with the SF 153 / DA 3964 cover sheets; a missing key or a missing inventory cover sheet is the kind of finding that surfaces at brigade IG. The SSG whose section runs green for 4 consecutive quarters is the SSG the BCT CSM names in the slate.
  • NCOER profile defensible at brigade — Top Block / Most Qualified rate matching the actual delta in soldiers selected.
    Write to the reg (AR 623-3 + DA PAM 623-3), not to inflation. The senior rater profile at brigade is defensible only if the SGTs you rate as Most Qualified actually pin SSG, and the SSGs you rate as Most Qualified actually move to senior assignments. The brigade S2 OIC, the senior MI warrant, and the BCT CSM all read the senior rater profile; the SSG who writes inflated bullets is the SSG whose rated soldiers do not get selected — and the next centralized board catches the gap.
  • ACFT 540+ minimum at this rank; brigade MI senior NCO fitness is on the brigade CO's slide.
    ACFT 540 (3-event 180 average) is the floor the BCT CDR reads. The MI community has a reputation problem on PT in some BCTs — the SCIF schedule, the round-the-clock watch rotation, and the analytic / maintenance workload all push the section toward skating on the test. The senior 35T who walks the brigade run formation in the rear is the senior NCO the BCT CDR does not name in the slate. Train the events at the brigade fitness center 4-5 mornings a week.

Technical Mistakes — Concrete Consequences

  • Confusing tactical MI-system maintenance with garrison-enclave cyber-defense expertise.
    The brigade needs both. The senior 35T who pretends to be the apex DCGS-A administrator is the SSG who breaks the brigade's JWICS forest during a routine GPO push because he does not understand the enclave-trust relationships at the INSCOM / NSA / CSS interface. The opposite mistake is the garrison-deep sysadmin who pretends to be the tactical Prophet maintainer and loses the SIGINT collection picture during a JRTC rotation. Pick your lane; defer honestly outside it. The senior MI warrant is your partner on the residual-risk acceptance, not your replacement on the technical lane.
  • Skipping the RMF / cATO conversation because 'that is the ISSO's job' or 'the warrant runs it.'
    Your soldiers fail the next CCRI / CORA if you do not own the bridge between RMF artifacts and the shop's daily work. The brigade GS-13 ISSO produces the SSP and the POA&M; the senior MI warrant signs the residual risk; the SSG translates the controls into the daily STIG checklist, the IAVA closure cadence, the vulnerability scan posture, and the COMSEC inventory cycle. The SSG who walks away from the RMF conversation is the SSG whose section is the CCRI's CAT-1 surprise.
  • Letting a junior soldier act as IAT-II or IAT-III when they are not certified under DoDM 8140.
    The DoDM 8140 audit catches it. The senior NCO who signed off on a non-certified soldier touching IAT-II / IAT-III systems is the senior NCO whose ATAAPS sign-off appears in the IG report. The fix is procedural — every IAT seat is mapped to a certified soldier, every voucher is tracked, every continuing-education window is on the calendar — and the consequence of the audit finding is the brigade IG read and the next NCOER's senior rater bullet.
  • Bypassing the SSO on a SCIF physical-security or PERSEC finding.
    The SSO outranks the senior 35T on SCIF compliance, and the report goes up the chain you cannot influence. The SSG who tries to work around an SSO finding to protect a soldier, to protect a product timeline, to protect the section's reputation is the SSG whose name comes up in the next ICD 705 accreditation review or the next AR 380-67 clearance reinvestigation cycle. The SSO is your partner on compliance; treat the relationship that way.
  • Treating cyber-incident response as a help-desk ticket.
    A phishing campaign, a credential-compromise event, or an indicator-of-compromise on the MI enclave is reported through the brigade S2 / S6 channel and up to ARCYBER and INSCOM inside the published timelines (timelines vary by event severity per the ARCYBER incident reporting playbook). The SSG who closes a credential-compromise ticket as 'user education completed' instead of escalating is the SSG whose name surfaces in the ARCYBER after-action report — and in the MI community the IR cycle also touches the SSO and the 902nd MI Group CI investigators, which means the senior 35T who freelances the incident triggers a CI-investigation cascade he cannot stop.

Career Decisions at This Rank

  • 255A / 352-series warrant officer packet — submit or not.
    The 255A Information Services Technician warrant is the senior signal / IT technical warrant track; the 352-series MI technician warrants are the MI-aligned technical warrant track. The 35T sits structurally between the two pipelines; the SSG with the right cert stack, NCOER profile, senior officer endorsement chain (brigade S2 OIC plus senior MI warrant plus brigade CSM plus the warrant officer recruiting team at Fort Knox), and a defensible packet timeline can compete for either. Pull the published HRC warrant officer accession board results for the current cycle before committing — the selection rate moves year over year and historical cohorts have run sub-50% in tight years. Building the packet eats 12-18 months. The decision: are you a technical leader or an enlisted manager? 255 / 352 warrants spend the rest of their careers as the senior technical voice the brigade and division S2 / S6 OICs trust; SSG-track 35Ts become 1SGs and senior staff NCOs of MI / signal units. Both pay; the warrant post-service contractor market is the stronger of the two.
  • 35Q (Cryptologic Network Warfare Specialist) or 17C (Cyber Operations Specialist) reclass.
    35Q is the cryptologic-network-warfare operator MOS aligned with NSA / CSS at Fort Meade and the IC SIGINT enterprise; 17C is the Army's cyber-operations-specialist MOS aligned with ARCYBER at Fort Eisenhower and the Cyber Mission Force. Both require TS/SCI in good standing with CI poly, both push through intensive school pipelines (35Q at Goodfellow AFB through joint SIGINT training and then onward to Fort Meade-aligned units; 17C through the Cyber Center of Excellence at Fort Eisenhower for the ~6-month-plus operator pipeline), and both produce a post-service market materially stronger than general 35T. The reclass is approachable at SSG; the timing is the decision. The 17C community is small and tight; the senior 17C NCOs are visible at ARCYBER, INSCOM, and the Cyber Mission Force teams. The 35Q community sits closer to the NSA / CSS enterprise. The reclass eats the school pipeline plus a re-set of the cert stack; the upside is the cyber-operator or cryptologic credential the post-service market values most.
  • Drill Sergeant / Recruiter / Instructor broadening — voluntary special-duty tour.
    AR 614-200 governs the special-duty assignment slate. Drill Sergeant at the USAICoE NCO Academy at Fort Huachuca (the 309th MI Battalion runs the MI OSUT pipeline; senior MI Drill Sergeant cadre is the MI-specific institutional billet), the Cyber Center of Excellence NCO Academy at Fort Eisenhower for the signal-aligned cadre billets, USAREC senior recruiter, or instructor / cadre billet at one of the MI proponent schools. These are voluntary tours that are visibly career-shaping in the senior NCO slate — the institutional credential signals broadening, and the X-coded ASI (drill sergeant, recruiter, instructor) appears on the slide at the next centralized board. The cost: 2-3 years out of the technical track, family-separation reality, and the cert stack does not advance during the special-duty tour.
  • MLC packet and SFC primary-zone competitiveness.
    MLC is the next institutional gate (14 days at NCOLCoE Fort Bliss). The packet is built 18-24 months out from the SFC centralized board. The primary-zone vs secondary-zone read at SFC is materially career-shaping: primary-zone selection means SFC at 8-10 years TIG as SSG; secondary-zone means waiting one or two boards. The packet build is the NCOER profile, the senior rater bullets, the institutional credentials (SLC plus MLC plus CCoE / USAICoE senior catalog plus the cert stack), and the senior MI officer / senior MI warrant endorsement. The SSG who builds the MLC packet deliberately is the SSG who pins SFC primary zone.
  • Reenlistment beyond the 12-year inflection.
    The reenlistment math at SSG for 35T and the 35-series conversion is published in the current MILPER message — SRB tier and bonus amounts vary year over year, and 35-series MI MOSes often sit in higher SRB tiers because of the clearance and credential pipeline cost. The 12-year inflection is the half-pension marker; the conversation past 12 years is about retirement timing (20 years vs 24 vs 30) and post-service market entry. Under BRS, the 2% multiplier compounds at the senior pay grades — the difference between a 20-year retirement and a 24-year retirement at SFC / 1SG is meaningful in the long-run retirement-and-TSP math. The senior 35Ts who landed the best post-service careers planned 24-36 months ahead; the financial counselor and the retention NCO at this rank are not optional conversations, especially in an MOS where the IC contractor and federal civil service market gives a strong six-figure floor at separation.

How the Seat Varies by Unit Type

  • BCT MICO maintenance section / DCGS-A administration platoon (line BCT — IBCT, SBCT, ABCT)
    The most common SSG 35T billet. You are the senior MI-systems NCO in the brigade MICO maintenance section or the DCGS-A administration platoon under the Military Intelligence Company within a brigade engineer battalion (BCT structure puts the MICO under the BEB in most BCTs). You own the brigade's MI-systems iron — DCGS-A query nodes, Prophet / Trojan platforms where the BCT fields them, the SCIF infrastructure, the SIPR / JWICS extensions. The BCT CDR and CSM read the analytic-line posture at the BUB weekly; the brigade S2 OIC and the senior MI warrant brief. The OPTEMPO is the rotational readiness model — train-up, CTC rotation, available, deploy or hold. The cert stack matures, the 255 / 352 warrant conversation is real, and the NCOER profile reads inside a known senior-rater context. Most SSG 35Ts go on to pin SFC from this seat.
  • Theater MI Brigade (470th at JBSA-Fort Sam Houston, 500th at Schofield, 501st in Korea, 66th in Wiesbaden)
    The senior 35T in a section of a theater MI brigade is running a deeper MI-systems portfolio at the theater-army level — supporting USAREUR-AF (66th MI BDE), USARPAC (500th MI BDE), USFK (501st MI BDE), or USARSO and the JBSA-based regional intel mission (470th MI BDE). The analytic-line posture is more strategic than the BCT level; the systems portfolio integrates with the theater army G2 and the supported COCOM J2. The OPTEMPO is calmer than tactical BCT but the institutional credential is heavier. The post-service market values the theater-MI-brigade credential alongside the cert stack.
  • 780th MI Brigade at Fort Eisenhower / Cyber-aligned MI units
    The 780th MI Brigade at Fort Eisenhower (formerly Fort Gordon, renamed in 2023) is the Army's cyber-aligned MI brigade — TS/SCI required with CI poly, the 17C reclass conversation is structural at this point, and the senior 35T billets at the 780th and the Cyber Mission Force teams compete with 17C-native NCOs for talent. The mission-set is offensive and defensive cyber operations; the credentials valued are the SANS / GIAC family and the offensive-security certs (OSCP, OSEP) alongside the senior IAT-III stack. The senior NCOs at the Cyber Mission Force teams are among the strongest post-service candidates in the entire MI / cyber community.
  • 706th MI Group at Fort Meade / NSA-aligned MI billets
    The 706th MI Group at Fort Meade is the Army's senior MI element operating alongside NSA / CSS infrastructure. The senior 35T at the 706th is running MI-systems work at the IC enterprise level — JWICS, NSANet, the SIGINT enterprise IT infrastructure that the NSA / CSS mission depends on. TS/SCI plus CI poly is the minimum; the credentials valued are the IC-fluency stack (ICD 503 / 705 fluency, the senior IAT-III cert stack, vendor and platform credentials on the IC IT infrastructure) and the joint-duty credit at NSA / CSS. The post-service market for 706th-credentialed senior 35Ts is the strongest IC IT pipeline in the Army.
  • INSCOM HQ / PEO IEWS staff (Aberdeen Proving Ground) / USAICoE cadre at Fort Huachuca
    The institutional Army senior 35T seats — INSCOM HQ senior MI-systems NCO billets at Fort Belvoir, PEO IEWS (Program Executive Office Intelligence, Electronic Warfare, and Sensors) staff at Aberdeen Proving Ground for the program-office liaison and field-engineer-equivalent senior NCO billets, USAICoE NCO Academy cadre at Fort Huachuca for the SLC / MLC / Foundry instructor billets. The OPTEMPO is calmer than tactical or BCT MICO; the institutional credential signals broadening. The X-coded ASI for instructor cadre is visible on the slide at the next senior NCO board. The cost is 2-3 years out of the technical-line track; the upside is the institutional credential and the post-service market access to the program-office and IC-vendor pipeline.

What Good Looks Like at This Rank

The good SSG 35T runs the shop the BCT CDR names in the brigade slide as "MI systems is solid." He turns out two CCNA / Security+ NCOs per cycle, his cyber-inspection findings are closed before the brigade IG asks, the COMSEC inventory under AR 380-40 clears without a finding, and his shop's IAVA dashboard is green for four consecutive quarters. The BCT CDR, the brigade S2 OIC, the senior MI warrant, and the BCT CSM all call him by name at the BUB — not because he briefs frequently, but because the analytic line is invisible in the right way: it works, the dashboard is green, the soldiers are getting certified, and the contractor on rotation is asking for his card. His section sergeants are two SGTs who pin SSG on the next centralized board because their NCOERs are written to the reg (AR 623-3) and the senior rater profile is defensible. His specialists are running the DCGS-A administration cycle, the Prophet motor pool sustainment, the JWICS / NSANet enclave administration, and the COMSEC inventory cycle without his daily intervention. His 255A or 352-series warrant officer packet sits in the company senior MI officer's desk drawer, ready to submit when the next HRC accession board opens — built over 18 months of NCOER bullets, cert stack maturation, and senior MI warrant / senior MI officer endorsement at the brigade level. He has SLC complete, MLC packet built, CCNP-Security or CCNP-Enterprise on the wall, CISSP or CASP+ if he is tracking toward 255 / 352 warrant space or the contractor market, vendor and platform credentials on the DCGS-A / Trojan / Prophet stack he sustains, and the post-service market conversation has already started. The Booz, Leidos, SAIC, CACI, MITRE, Accenture Federal, and ManTech recruiters at the Cyber Center of Excellence and USAICoE career fairs know his name. The brigade S2 OIC fights for him on the senior NCO slate; the BCT CSM names him primary zone for the next SFC board. His ACFT is 540+ and the BCT run formation has him near the front.

Preview — The Next Rank

SFC 35T is the rank where you stop running a shop and start running a brigade-level conversation. The platoon-sergeant-equivalent for the 35T community is the brigade MI-systems senior NCO or the battalion MICO senior NCO — you sit at brigade or battalion staff alongside the captain or major, you build the unit's MI-systems and cybersecurity readiness posture for the next CCRI / CORA / ICD 705 cycle, you write four-to-five NCOERs per cycle that will pick the next batch of SSGs and SFCs across the brigade. The two SGTs you mentored at SSG are now your SSG bench; the cert stack you built is now the credential signal you carry into the brigade-level technical conversations. The 35Z (Career Management Field 35 senior NCO) conversion conversation goes live at SFC — verify the current HRC eligibility rules with your career manager, but it is the path many senior 35Ts take into broader MI senior NCO leadership. The institutional load grows. The Master Leader Course (MLC) is the SFC STEP gate (14 days at NCOLCoE Fort Bliss). The U.S. Army Sergeants Major Academy (USASMA) at Fort Bliss becomes the next gate if you are tracking toward SGM / CSM. The warrant officer mentor role is real — the brigade looks to the SFC senior MI-systems NCO to identify and develop the next 255 / 352-series candidates from the SSG bench. The NCOER pen is heavier: four-to-five NCOERs per cycle, the senior rater profile is judged by which of your rated NCOs actually pin SSG / SFC. The post-service market conversation matures. At SFC with 14-18 years TIS and TS/SCI plus CI poly, the cleared-contractor recruiters at Booz, Leidos, SAIC, CACI, MITRE, Accenture Federal, and ManTech are running structured pipelines for senior MI / cyber NCOs. The federal civil service (GS-13 to GS-14 senior IT specialist at INSCOM, NSA, DIA, CIA, FBI, DHS) is the alternate path. The senior 35Ts who landed the strongest post-service careers planned 24-36 months ahead — clearance currency, cert-stack maintenance, defense-industry networking, the warrant vs SFC-line-track decision settled long before retirement orders. The SSG who built the institutional packet deliberately at E-6 is the SFC who has the post-service market open at the right time.
FAQ

35T E6 — Frequently Asked Questions

Q01What does a E6 35T (Military Intelligence (MI) Systems Maintainer/Integrator) actually do?
You manage a 10-15 soldier MI systems shop — a DCGS-A administration platoon, a BCT MICO maintenance section, a Prophet / Trojan maintenance bay, or a SCIF infrastructure cell at a named MI brigade (780th at Fort Eisenhower, 706th MI Group at Fort Meade, 470th at JBSA-Fort Sam Houston, 500th at Schofield, 501st in Korea, 66th at Wiesbaden, INSCOM HQ at Fort Belvoir).
Q02What's the most important thing to know as a E6 35T?
Staff Sergeant 35T is where the title 'MI Systems Maintainer / Integrator' stops being a help-desk job and starts being the senior enlisted technical authority for the brigade's MI iron.
Q03What does a typical day look like for a E6 35T?
Time-blocked day at the E6 35T rank tier: 0500 Wake. PT uniform on. Phone check — overnight shop emergencies. Help-desk on-call rotation: someone's DCGS-A query node bricked, the JWICS link at the brigade SCIF dropped a route, the AD replication failed between two domain controllers on the SIPR enclave, the brigade S2 needs a CAC reset before he briefs the BCT CDR at 0630, the senior MI warrant just got a TARP indicator on a soldier and wants a meeting at 0700, 0530 PT formation. Brigade MICO or brigade S2 element falls in with the BCT HHC formation,…
Q04What mistakes get E6 35T soldiers fired or relieved?
DUI / Article 15 / drug pop at SSG — separation under AR 635-200 chapter 14, clearance revocation cascade under AR 380-67 and DoDM 5105.21, 255 / 352 warrant packet dead, every senior-cert ACA voucher recouped, the soldiers you mentored re-read by the clearance reinvestigation system because of access-overlap. The 35T community is small and tight; the read propagates inside the MI / signal senior NCO network within a quarter; Fraternization with junior soldiers in the shop.…
Q05What career decisions matter most at the E6 35T rank tier?
255A / 352-series warrant officer packet — submit or not — The 255A Information Services Technician warrant is the senior signal / IT technical warrant track; the 352-series MI technician warrants are the MI-aligned technical warrant track. The 35T sits structurally between the two pipelines; the SSG with the right cert stack, NCOER profile, senior officer endorsement chain (brigade S2 OIC plus senior MI warrant plus brigade CSM plus the warrant officer recruiting team at Fort Knox), and a defensible packet timeline can compete for either.…
Q06What's next after E6 for a 35T (Military Intelligence (MI) Systems Maintainer/Integrator) in the Army?
SFC 35T is the rank where you stop running a shop and start running a brigade-level conversation.
Q07What manuals and regulations does a E6 35T need to know cold?
NIST SP 800-53 / 800-171 — the controls every Army cyber and MI program inherits.; DoD CIO RMF — Risk Management Framework workflow (every ATO you support runs through it).; ICD 503 — IC IT Risk Management; ICD 705 — SCIF Accreditation; ICD 203 — Analytic Standards.

This playbook has no tips yet. Be the first to share what you know.

Published by the Honest MOS Editorial DeskVerified against DoD/.gov sourcesUpdated May 2026Editorial standards