←Back to CMS Cyber Mission Specialist — overview, pay, training, civilian translation, reviews
CMSE1-E3
Cyber Mission Specialist
E-1 to E-3 (Junior Enlisted) · Coast Guard
HEADS UP
CMS is one of the newest ratings in the Coast Guard — established around 2023 — which means the A-school pipeline, the PQS, and the career norms you are stepping into are still being codified as you walk into them. That is not a bug; it is an opportunity. The non-rate who figures that out early and runs toward the rating with curiosity instead of waiting for someone to hand them a checklist is the one the CMS2 wants next to them when a real incident fires. Your floor credential is CompTIA Security+ and your DoD 8570.01-M / DoD 8140.01 IAT Level I baseline — get it done before your A-school class date posts.
The Honest MOS Read
CMS (Cyber Mission Specialist) is the Coast Guard's dedicated cyber rating, established around 2023 to formalize the enlisted cyber workforce defending CG networks and supporting the DHS cyber mission under CGCYBER (Coast Guard Cyber Command, Hampton Roads, VA). You completed Coast Guard Recruit Training at Training Center Cape May, NJ — the only CG boot camp, approximately eight weeks — and reported to CGCYBER or a subordinate cyber protection team as a non-rated Coastie striking for the CMS rating. The pipeline for a CMS striker is still maturing; verify the current A-school location, length, and prerequisites against the Coast Guard Institute and the most recent ALCGPSC advancement message for the CMS rating before making any plan around them.
At this stage you are the newest person in a rating young enough that the senior CMS petty officers above you helped build the norms you are now training against. That is unusual in the Coast Guard, where BM and MK have decades of institutional knowledge behind their qual books. The CMS PQS is one of the newer qual books in the service, and it is worth reading end to end on day one — not skimming, reading — because the tasks it describes are the tasks the CMS2 is going to ask you to execute before they sign the line.
Your day-to-day at the non-rate and early striker level is foundational: learning the unit's network architecture, watching CMS3s and CMS2s work the alert queue on the SIEM dashboard, sitting in on cyber incident logs and cyber protection team (CPT) mission briefs under close supervision, and completing whatever DoD 8140.01 / DoD 8570.01-M aligned coursework your chain of command directs you toward as a prerequisite to formal designation. The Security+ is the IAT Level I baseline credential the rating's advancement structure references — if nobody has handed you a study plan, that is on you to build and execute, not on the chain of command to notice.
You also fill the duty section roles the unit assigns. CGCYBER and its subordinate cyber protection teams have their own watch rotation; the non-rate fills gaps in the watchbill the same way a non-rate at a small boat station fills gap watches there. In garrison you are the striker who shows up early, keeps the classified workspace squared, reads the current operational directives the unit posts, and demonstrates physical and information security habits — locking your workstation every time you walk away, treating every removable media item as a potential security event, and not discussing operational details outside of authorized spaces and channels — because one security violation at this paygrade is a designation-denial conversation and possibly a command investigation.
The structural fact about the CMS rating that the recruiter may not have spelled out: this is not a desk job where the stakes are low until you make petty officer. CGCYBER defends real networks, coordinates with DHS CISA and NSA-adjacent elements, and stands watches that matter operationally from day one. An alert you dismiss without reading may be the alert that is not a false positive. A log entry you write from memory at end of shift instead of in real time is an operational record error in an environment where time-of-detection is a primary metric. The stakes are real from the first day you sit down at the console under the CMS2's supervision.
The advancement path from SR/SA/SN to BM3 — wait, to CMS3 — runs through the Servicewide Examination under COMDTINST M1000 series. Verify the current advancement criteria, the SWE schedule, and the CMS rating knowledge bibliography against the Coast Guard Institute and the most recent ALCGPSC advancement messaging. The CMS community is small enough that the cutting score, the advancement cycle, and the community manager's priorities are visible in real time if you read the messages.
Career Arc
- 01Coast Guard Recruit Training at TRACEN Cape May, NJ — ~8 weeks.
- 02First unit assignment: CGCYBER (Hampton Roads, VA), a District or Area cyber protection team, or a subordinate cyber security element — verify current billet landscape via the CMS community manager and the most recent ALCGPSC messaging.
- 03CMS striker PQS initiated day one at first unit; DoD 8570.01-M IAT Level I baseline certification (CompTIA Security+ or equivalent) pursued in parallel — get it before the A-school class date.
- 04CMS A-school designation and class date: verify current course location, length, and prerequisites against the Coast Guard Institute and the current ALCGPSC advancement message — the rating is new enough that pipeline details change.
- 05Network defense watchstanding under close supervision — SIEM monitoring, alert-queue work, incident log entries — building the observable record the CMS2 and the A-school designation endorsement write from.
- 06E-2 at 6 months TIS; E-3 at 9 months TIS / 6 months TIG; CMS3 via SWE. Verify current advancement eligibility criteria against COMDTINST M1000 series and the current CMS ALCGPSC message.
- 07First reenlistment / EAOS conversation begins 12-18 months before contract end — timing the IAT Level II cert and the A-school designation pipeline correctly is how you build leverage for the conversation.
Common Screwups
- ×Security violation at the non-rate level — classified handling error, unauthorized media, workstation left unlocked in a classified space. One incident at this paygrade is a designation denial; in a small rating, it is also the story that follows you to every unit.
- ×OPSEC breach — posting unit details, network configuration specifics, or watch schedule information on social media or in personal messages. CGCYBER's operational posture is not a conversation topic outside of authorized channels, full stop.
- ×DUI or drug pop. The CMS rating requires a security clearance. Either event is clearance-terminal and, in the CG's small institutional memory, career-terminal. The non-rate who loses the clearance before designation is done.
- ×Letting the baseline certification drift — treating Security+ as something to worry about 'after A-school' rather than before. The CMS2 who sponsored your designation read the requirement; the chain of command that writes your EER also reads it.
- ×Conduct / NJP during the striker period. The chiefs' mess at a CG cyber unit is small and the community manager knows the unit chiefs. An Article 15 equivalent in the CG (NJP under the UCMJ) during the striker phase closes the A-school door in most cases.
A Day in the Life
- 0530-0600Wake up; check personal communications before entering the classified workspace; coffee at the facility break area. Quick gear and security badge check before quarters.
- 0600Morning quarters / muster. Accountability called, watch turnover brief for the incoming section. Non-rate reports to the watch supervisor for the day's tasking.
- 0600-0700Unit PT formation or individual PT in accordance with the unit's schedule. CMS units run PT on the same CG-wide cycle as any other unit — typically Mon/Wed/Fri unit PT, Tue/Thu individual.
- 0700-0800Hygiene, breakfast, change into working uniform. Colors at 0800 if the unit observes the formation.
- 0800-0900Supervised time at the SIEM console or in the classified workspace with the watch CMS2. Observe the alert queue workflow — what the CMS2 reads, what they dismiss with notes, what they escalate. Take notes on alert categories.
- 0900-1100PQS work or Security+ study time if the operational tempo allows. The non-rate builds PQS time in the gaps between supervised tasks — ask the CMS2 which PQS lines can be worked today and which need a formal event.
- 1100-1200Assist on workspace and equipment security maintenance tasks — the physical security checks the watch section runs as part of the standard day. Classified areas require documented access logs; the non-rate assists the CMS3 on these tasks.
- 1200-1300Lunch — typically at the facility break area. CMS units are shore-based; lunch works like any other shore billet.
- 1300-1500Training block: Security+ coursework (self-directed), a unit tabletop scenario run by the CMS2, or a structured PQS walk-through where the CMS2 covers a system or procedure the non-rate has not encountered yet. If the unit is running an active assessment, this is when the non-rate sits in the read-only observer seat.
- 1500-1600Log documentation and workspace security check before the watch section transitions. Non-rate ensures all temporary notes are properly marked and handled; workstation locked; media accounted for.
- 1600End of day quarters or section debrief. Watch supervisor covers anything notable from the day's alert queue. Non-rate asks one question in the debrief — not during the task.
- 1600-1800If on duty section, the duty rotation begins. The non-rate fills the duty watch role the watch supervisor assigns — not a classified operations watch, but the administrative duty function the section runs when off-watch CMS personnel hold the after-hours accountability.
- 1800-2100Personal time — Security+ study sessions in the barracks or on-base. 45-minute blocks with a break are more effective than three-hour marathon sessions.
- 2100-2200Lights-out equivalent. Phone and personal communications checked before sleeping. Physical security badge secured.
Weekly Cadence
The week at a CGCYBER subordinate unit runs on the operational rhythm of a shore command with a technical mission overlay. Monday and Tuesday are typically the heaviest administrative days — watch schedules posted for the coming week, cert training tracked, the unit leadership meeting where the watch supervisors brief the officer in charge on section readiness. For the non-rate, the week starts with quarters, PT, and the early supervised console time where the CMS2 walks through the previous week's notable alerts and explains the disposition decisions.
The middle of the week is where most of the structured training sits. Unit tabletops, PQS walk-throughs, and any scheduled certification coursework run on Wednesday or Thursday when the week's administrative load is lighter. If the unit is running a CPT assessment element or a scheduled vulnerability scan tasking, those events drive the week's rhythm — the non-rate sits in on pre-mission briefs and post-mission hot washes as an observer, which is where the watch-floor pattern recognition that eventually earns the Security+ a real context actually comes from.
Friday is typically the unit's review day — EER inputs for the week collected, training records updated, the cert tracking spreadsheet touched. The good non-rate uses Friday to update their own PQS spreadsheet, confirm the Security+ exam is scheduled, and send one honest email to the chain of command with a status update. The CMS community is small enough that the watch supervisor at your first unit knows the CGCYBER personnel shop chief; the tracker you maintain is the record you are building, whether you treat it as one or not.
Key Skills — How to Drill Each
- 01Complete DoD 8570.01-M / DoD 8140.01 IAT Level I baseline certification (CompTIA Security+ or equivalent) per the current ALCGPSC advancement message and unit direction.Build a study plan the week you check in — not the week before the exam. The Security+ exam covers six domains: threats/attacks/vulnerabilities, architecture/design, implementation, operations/incident response, governance/risk/compliance, and cryptography. The CompTIA Security+ official study guide is the baseline; supplement with Professor Messer's free course materials. Give yourself 60-90 days of consistent 30-45 minute daily sessions. The CMS2 above you passed this exam; ask how they studied. Schedule the exam before you need to — Pearson VUE testing centers book out, and a scheduled exam is harder to procrastinate than an unscheduled one.
- 02Assist on basic network monitoring tasks under direct supervision — reading a SIEM alert queue, identifying anomalous traffic signatures on a packet capture, and escalating correctly to the CMS2 without improvising.The SIEM is a tool; the skill is triage judgment. When you are at the console with the CMS2, do not just watch — ask what they are looking for in each alert category, what makes a flag a false positive versus a real indicator of compromise (IOC), and what the escalation threshold is at this unit. After each session, write down what you saw and what disposition it received. The pattern recognition that makes a good watch stander builds from the log you keep, not from the hours you sit there not paying attention.
- 03Maintain information security hygiene on every system you are authorized to touch — password management, CAC authentication, classified system handling, and physical security in authorized spaces.Treat the security rules as technical standards, not administrative overhead. The classified space rules exist because the attack surface is real. Lock the workstation before you walk away — every time, even for 30 seconds — until it is muscle memory. Never plug a personally-owned device or uncleared media into any government system, including to charge a phone. If you are ever uncertain whether an action is authorized, stop and ask before acting. The CMS2 would rather answer a question than write an incident report.
- 04Complete the CMS Rating Performance Qualification Standard (PQS) task items available at your paygrade — read the entire qual book on day one and build a completion timeline.Pull the PQS from the unit's training office or the Coast Guard Institute the first week. Read it cover to cover before you start pursuing signatures — the structure of the qual book tells you what the rating expects you to be able to do, in what order, and at what standard. Build a simple spreadsheet: task, status, supervisor, target date. Show it to the CMS2 your first week and ask who signs which sections. The non-rate with a visible PQS plan gets signatures; the non-rate who asks for signatures ad hoc gets them later.
- 05Write accurate, time-stamped watch log entries for every shift — event, time (UTC), action taken, disposition — to the standard the watch section uses.Write the entry when the event happens, not at the end of the watch. The time-of-detection accuracy in the log is an operational record, not a housekeeping task — post-incident reviews and CGCYBER leadership read those entries, and the 45-minute time gap between when the alert fired and when you logged it is exactly the kind of detail that surfaces in a review. Borrow the format the CMS2 uses and replicate it exactly until you understand why each field matters.
Manuals & References — What Chapters Matter
- DoDD 8140.01 — Cyberspace Workforce ManagementThe DoD directive that defines the cyberspace workforce framework the CMS rating trains inside — qualification categories, work roles, and the certification-to-work-role mapping that explains why Security+ is the IAT Level I baseline rather than some other cert. Read the overview and the work role definitions so you understand what the rating's career structure is actually tied to; verify the current edition on the DoD Issuances website.
- DoD 8570.01-M — Information Assurance Workforce Improvement ProgramThe implementing manual for baseline certifications by IA role category. The certification tables in 8570.01-M are the specific reason your chain of command is pushing Security+ — IAT Level I requires it (or equivalent). Even though DoD 8140.01 is the strategic successor, 8570.01-M baseline cert tables remain operationally referenced. Verify the current approved cert list and the CMS rating's specific certification requirements against both documents.
- NIST SP 800-53 — Security and Privacy Controls for Information Systems and OrganizationsThe control framework your unit's network defense operations reference. You do not need to memorize all 1,000+ controls as a non-rate, but reading the introduction and skimming the control family summaries (access control, audit and accountability, incident response, system and information integrity) gives you the vocabulary the watch floor uses. When the CMS2 mentions 'SI controls' or 'IR procedures,' you will know what they are talking about.
- COMDTINST M1000-series — Coast Guard Personnel ManualThe umbrella for everything on you as a member — leave, liberty, advancement, conduct, enlisted evaluation. Sections on the Servicewide Examination and advancement eligibility are directly relevant at this paygrade. Verify the current revision against the Coast Guard Directives System.
- CMS Rating Performance Qualification Standard (PQS)The qual book that takes you from non-rate to CMS3. It is one of the newer qual books in the service; read it end to end rather than treating it as a checklist. The tasks it describes are the things the CMS2 is evaluating you on whether or not they are actively running you through lines. Obtain the current version from the Coast Guard Institute — verify it is the current edition before starting.
- Unit Standard Operating Procedures, OPSEC Plans, and Classified Systems Security GuidesThe unit-level documents that govern what you are actually authorized to do, in what spaces, on which systems, at what classification level. Read the unit's OPSEC plan, the communications security brief, and the watchstanding instructions your first week. They exist; ask for them by name; they are your operating authority from day one.
Standards — How to Hit Each
- DoD 8570.01-M IAT Level I baseline certification (CompTIA Security+ or equivalent) completed or in active pursuit per unit direction.Schedule the exam within 60-90 days of checking in unless your chain of command directs otherwise. Consistent daily study sessions over 60-90 days are more reliable than cramming. The exam is a standard Pearson VUE proctored test — schedule it at a testing center near the installation before you think you need to.
- CMS A-school designation and class date — verify current course details against the Coast Guard Institute and the most recent ALCGPSC advancement message.The designation endorsement comes from the chain of command at your unit; the class date comes from the schoolhouse through the CGPSC assignment process. The inputs are your EER as a non-rate, your PQS progress, your supervisor's endorsement, and your certification progress. Do not wait to be told to pursue these inputs — build them visibly from day one.
- Coast Guard physical fitness assessment passed every cycle per current COMDTINST M1000-series standards; weight and body composition compliant with COMDTINST M1020.8.The CMS rating does not have a physical fitness waiver. The PFT cycle and the body composition standards are the same for CMS as for BM and OS. Build a consistent PT routine from day one at first unit — the non-rate who falls a PFT at a small technical unit is remembered for it.
- CMS PQS lines signed consistently and visibly ahead of the A-school class date.Build the tracking spreadsheet week one, show it to the CMS2, and update it after every signature. The CGCYBER supervisors who write your EER blocks check the qual book, and in a small young rating the PQS progress of the non-rates is visible to the entire chain of command.
- Zero security violations — classified handling, workstation lockout, removable media, physical access — from day one.There is no 'learning curve' grace period on security violations. Build the habits immediately: lock the workstation before you walk away, treat every piece of removable media as contaminated until proven otherwise, never discuss operational specifics outside authorized channels. The standard is binary; one incident report at this paygrade is a designation conversation.
Technical Mistakes — Concrete Consequences
- Treating a SIEM alert as low-priority because it looks like the same category you saw dismissed yesterday.False positive fatigue is the attacker's friend. The confirmed intrusion that gets missed at a watch-floor desk was, in almost every post-incident review, an alert that was dismissed without analysis. The non-rate who establishes the habit of reading the alert before closing it — every alert — is the one the CMS2 trusts to sit at the console unsupervised.
- Sharing any details about the unit's operational posture, network configuration, or active missions outside of authorized channels — including to family in personal messages.CGCYBER OPSEC is a classification issue, not just a conduct issue. The details that seem innocuous — unit location, watch schedule, the nature of the mission the team ran yesterday — are the details that aggregate into an intelligence picture. One OPSEC disclosure at this paygrade is a command investigation and a designation denial, and in a rating that depends on clearances it can be career-terminal.
- Letting the Security+ certification drift because no one scheduled the exam for you.The DoD 8570.01-M IAT Level I baseline requirement is not a recommendation — it is the certification floor for the work role the rating fills. The CMS2 who is designating you and writing your EER had a certification when they were at this paygrade. The chain of command that reads your EER knows whether you do too.
- Logging a watch event from memory at end of shift instead of in real time.Cyber incident logs are operational records. The time-of-detection gap between when the alert fired and when you documented it is exactly the metric that post-incident reviews measure — and the CMS non-rate whose end-of-watch entry says '0300 (approximately)' is the entry that generates follow-up questions in the incident review the following day.
- Plugging a personally-owned device or uncleared media into any government system in the unit, including to charge a phone.The classified lab is not a phone charging station. The security violation report is generated automatically on most systems; the CMS2 and the CGCYBER security officer get the notification before you finish the explanation. This is not a nuanced situation — there is no approved exception.
Career Decisions at This Rank
- Pursue CMS A-school designation at first unit versus striking for a different rating.The CMS rating is new and the pipeline is still establishing norms — which is both the risk and the opportunity. The risk: career advancement structures (SWE cutting scores, broadening assignment options, senior billet availability) are still being built, and the comparisons to more established ratings are difficult. The opportunity: the CMS non-rate who performs well at CGCYBER and earns early trust in a small, technically specialized community gets noticed faster than a non-rate in a rating with 2,000 members. If you have genuine interest in network defense work and can demonstrate the information security habits the CGCYBER watch floor requires, the CMS pipeline is the right call. If you are there because it sounded technical and interesting but the security discipline does not come naturally, lateraling to OS, IT, or ME before the A-school designation is the honest move.
- First reenlistment / EAOS conversation — stay in CMS, lateral to another rating, or separate.The CMS first reenlistment window arrives roughly 6-12 months before your first contract end. The Selective Reenlistment Bonus (SRB) for CMS varies by authorization year — verify the current SRB authorization via the most recent CGPSC ALCGENL message for the rating; do not plan around what you heard from someone last year. The compelling argument to stay: an active security clearance plus DoD 8570.01-M certifications plus operational CPT experience plus the CMS rating crow is a credential combination that the federal civilian and contractor markets pay well for — and building it on the government's dime for four to six years is a better investment than most. The compelling argument to leave: the CMS community is small enough that billet options are narrow, some members find shore-based cyber work unsatisfying compared to what they imagined, and the advancement competition in a small new rating can feel opaque. Decide based on the actual job, not on what the SRB number looks like in isolation.
- Pursue the Security+ immediately versus waiting until closer to the SWE or A-school class date.Get it done immediately. The Security+ is not a pre-requisite to checking in, but it is the IAT Level I floor credential for the work role the rating fills, and the chain of command that writes your first EER is checking whether you pursued it. The cost of waiting is the EER block that says 'working toward' instead of 'completed' — and in a new rating where every performance input is visible, that difference matters. The Security+ is a 90-day project for a motivated non-rate; start the study plan the first week you check in.
How the Seat Varies by Unit Type
- CGCYBER (Coast Guard Cyber Command, Hampton Roads, VA)The main CGCYBER installation is the canonical first assignment for CMS personnel. The watch floor, the CPT elements, and the classified operational environment are here. For the non-rate, CGCYBER means a shore-based technical billet with a meaningful operational mission — real incident logs, real SIEM consoles, real CPT mission prep — and the small-unit environment where the senior CMS petty officers know every junior member's PQS status by name. The CGCYBER watch floor is where the CMS rating norms are being built in real time.
- District or Area cyber element (subordinate to CGCYBER)Some CMS billets sit at District or Area staff cyber positions rather than directly at CGCYBER. The work is still network defense and cyber mission support, but the watch-floor structure and the peer CMS community are smaller. The non-rate at a District billet may have fewer CMS2s and CMS3s immediately above them to learn from — which means the PQS and certification work has to be more self-directed. The advantage: the chain of command at a small District element is often more directly involved in the non-rate's qualification progress because the team is so small.
- Joint or DHS-adjacent billet (future option, not typical at E1-E3)CMS personnel at more senior paygrades may be assigned to joint cyber tours or DHS CISA adjacent billets. At E1-E3 this is not a realistic assignment option, but knowing it exists helps frame the career arc. The non-rate who builds the foundational watch-floor skills and the certification baseline at CGCYBER is the one who will eventually be competitive for the joint or broadening assignment at CMS2 or CMS1.
What Good Looks Like at This Rank
The good CMS non-rate is the striker the CMS2 invites into the working session even when there is no PQS line to sign, because the kid's log entries from the previous watch are clean and specific enough to brief from, and the questions they ask are about the alert disposition logic rather than about what time lunch starts. The Security+ exam is scheduled before anyone asks when it will be scheduled. The PQS spreadsheet exists and is updated. The workspace is locked every time the striker walks away from the console.
What the good CMS non-rate is not is loud about it. The CGCYBER watch floor is a small, tight community that notices who reads the operational directives and who does not, who demonstrates information security habits and who has to be reminded, who arrives with intellectual curiosity about how the network defense mission works and who is waiting to be handed tasks. The striker who earns early trust is the one who demonstrates they understand why the security rules exist — not just that they exist.
By the time the A-school designation posts and the class date arrives, the good CMS striker has the Security+ done or scheduled with a test date, the PQS is visibly ahead of the class date, the CGCYBER watch supervisor has already written the EER input about the striker who logged alerts in real time and asked the right question in the debrief, and the CMS2 is making a phone call to the schoolhouse to say this member is worth the seat.
Preview — The Next Rank
CMS3 is the first paygrade with the rating crow and the first paygrade where you are a Petty Officer in the Coast Guard rating structure with actual watch authority and a section of non-rates to supervise and sign PQS for. The SWE under COMDTINST M1000 series is the gate — a competitive multiple-choice exam covering CMS rating knowledge, military requirements, and leadership topics, with cutting scores published by CGPSC for each SWE cycle. Verify the current CMS SWE schedule and the rating-specific bibliography against the current ALCGPSC advancement message; the rating is new enough that the cycle cadence and bibliography have been updated more frequently than legacy ratings.
What actually changes at CMS3 is not the work — the alert queue and the incident logs look the same. What changes is the accountability. As a CMS3 you stand the watch with real authority over the non-rates and strikers on your section, you sign PQS lines that affect someone else's qualification progress, and you write the first round of training records for the personnel below you. The IAT Level II baseline certification (CompTIA CySA+ or equivalent) is the next credential tier and it has a direct line to your SWE score and your EER block — the CMS3 who shows up with only a Security+ and no plan for CySA+ is the CMS3 who loses the advancement cycle to the CMS3 who scheduled the exam six months ago.
FAQ
CMS E1-E3 — Frequently Asked Questions
Q01What does a E1-E3 CMS (Cyber Mission Specialist) actually do?
You came out of TRACEN Cape May after eight weeks and reported to CGCYBER (Coast Guard Cyber Command) or a District cyber protection team as a non-rated Coastie striking for CMS.
Q02What's the most important thing to know as a E1-E3 CMS?
CMS is one of the newest ratings in the Coast Guard — established around 2023 — which means the A-school pipeline, the PQS, and the career norms you are stepping into are still being codified as you walk into them.
Q03What does a typical day look like for a E1-E3 CMS?
Time-blocked day at the E1-E3 CMS rank tier: 0530-0600 Wake up; check personal communications before entering the classified workspace; coffee at the facility break area. Quick gear and security badge check before quarters, 0600 Morning quarters / muster. Accountability called, watch turnover brief for the incoming section. Non-rate reports to the watch supervisor for the day's tasking, 0600-0700 Unit PT formation or individual PT in accordance with the unit's schedule. CMS units run PT on the same CG-wide cycle as any other unit — typically Mon/Wed/Fri unit PT, Tue/Thu individual,…
Q04What mistakes get E1-E3 CMS soldiers fired or relieved?
Security violation at the non-rate level — classified handling error, unauthorized media, workstation left unlocked in a classified space. One incident at this paygrade is a designation denial; in a small rating, it is also the story that follows you to every unit; OPSEC breach — posting unit details, network configuration specifics, or watch schedule information on social media or in personal messages. CGCYBER's operational posture is not a conversation topic outside of authorized channels,…
Q05What career decisions matter most at the E1-E3 CMS rank tier?
Pursue CMS A-school designation at first unit versus striking for a different rating — The CMS rating is new and the pipeline is still establishing norms — which is both the risk and the opportunity. The risk: career advancement structures (SWE cutting scores, broadening assignment options, senior billet availability) are still being built, and the comparisons to more established ratings are difficult. The opportunity: the CMS non-rate who performs well at CGCYBER and earns early trust in a small,…
Q06What's next after E1-E3 for a CMS (Cyber Mission Specialist) in the Coast Guard?
CMS3 is the first paygrade with the rating crow and the first paygrade where you are a Petty Officer in the Coast Guard rating structure with actual watch authority and a section of non-rates to supervise and sign PQS for.
Q07What manuals and regulations does a E1-E3 CMS need to know cold?
DoDD 8140.01 — Cyberspace Workforce Management (the DoD directive governing the credentialing and qualification framework the CMS rating trains inside; verify the current edition on the DoD Issuances website).; DoD 8570.01-M — Information Assurance Workforce Improvement Program (the implementing manual for baseline certifications by IA role category; verify the current edition — DoD 8140 supersedes portions but 8570.01-M baseline cert tables remain operationally referenced).;…
This playbook has no tips yet. Be the first to share what you know.
Published by the Honest MOS Editorial DeskVerified against DoD/.gov sourcesUpdated May 2026Editorial standards