Built to guide the Defense Industrial Base through CMMC 2.0.
Our Mission
Quantum Shield Consulting exists to help small and mid-sized defense contractors achieve and maintain CMMC 2.0 readiness without the confusion, bloat, or runaway costs that often come with compliance work.
We believe the Defense Industrial Base is strongest when its smallest contractors can compete on a level playing field. That means clear guidance, honest pricing, and advisory services built around your actual scope — not a generic checklist sold to every client.
Every engagement is grounded in the CMMC 2.0 framework, the NIST SP 800-171 control family, and the Code of Professional Conduct required of every Registered Practitioner.
What is a Registered Practitioner?
A Registered Practitioner (RP) is an individual who has been trained and authorized by the Cyber-AB — the official CMMC Accreditation Body — to provide non-certified advisory services to organizations preparing for CMMC certification.
RPs help Organizations Seeking Certification (OSCs) understand the CMMC model, identify compliance gaps, and develop remediation strategies in advance of a formal assessment conducted by a C3PAO.
Every RP completes Cyber-AB-approved training, passes a background screen, and commits to the Cyber-AB Code of Professional Conduct — a standard of integrity and competence you can verify and rely on.
A methodical path from uncertainty to assessment-ready.
Discover
We start by mapping your environment: FCI and CUI footprint, scope boundaries, enclave options, and current security posture.
Assess
A structured gap analysis against all 110 NIST SP 800-171 controls. You get a clear picture of what's in place, what's missing, and what matters most.
Remediate
Prioritized remediation planning with a focus on achievable wins. Policy drafting, SSP authoring, POA&M management, and evidence collection.
Prepare
Pre-assessment dry runs, documentation review, and stakeholder coaching so your team walks into the C3PAO engagement with confidence.
Meet the Founder
CMMC Certification Program
Fifteen years. One mission: building cybersecurity programs that hold up under federal scrutiny.
Quantum Shield Consulting was founded by Steven J. Kalz, a cybersecurity engineer with over 15 years of comprehensive experience from distinguished service in the United States Air Force and federal contracting. Steven holds an active Top-Secret / SCI clearance and is a Cyber-AB Registered Practitioner authorized to provide CMMC 2.0 advisory services.
His background spans the full lifecycle of federal cybersecurity: standing up Authorization-To-Operate (ATO) packages from zero to 100% completion, serving in dual ISSO/ISSM roles on Trusted Systems and Networks programs, and performing Security Control Assessments on classified systems across NIPR and SIPR environments. Steven currently serves as a Cybersecurity Engineer SME on the DISA JWCC Governance, Risk & Compliance program — the contract vehicle that governs cloud services for the entire Department of Defense.
Areas of Expertise
NIST SP 800-53, NIST SP 800-171, RMF, CMMC 2.0, FIPS 199/200, ISO 27001, ITIL, PCI DSS, SOX, GDPR
SCAP scans, STIGs, ACAS, vulnerability management, threat modeling, Zero Trust Architecture, security audits
SSPs, POA&Ms, SARs, RARs, CONOPS, Compliance Self-Tests, System Categorization, Trusted Facility Manuals
AWS, Azure, Google Cloud, Oracle Cloud, IaaS / PaaS / SaaS security, IL2–IL6 environments
Xacta, eMASS, Confluence, Jira, SIEM, IDS/IPS, vulnerability scanners, endpoint security solutions
Strategic advisory, cross-agency collaboration, stakeholder communication, team mentorship, security governance
Education
- Doctoral Student, Information Technology University of Texas at San Antonio
- Master's, Information Technology — Cybersecurity University of Texas at San Antonio
- B.S., Aeronautics Embry-Riddle Aeronautical University · Minors in UAV Operations and Management
- Associate's, Information Systems Technology Community College of the Air Force
- Associate's, Electronics Systems Technician Community College of the Air Force
Certifications & Honors
- Cyber-AB Registered Practitioner (RP) CMMC 2.0 Advisory Services
- CompTIA Security+ (SY0-601)
- ISC2 Certified in Cybersecurity
- Six Sigma Yellow Belt / Green Belt Process improvement & quality management
- USAF Airman Leadership School — Distinguished Graduate
Credentials matter. So does how you work with people.
The RP designation sets a floor for competence and ethics. What you get with Quantum Shield goes further: direct access to the consultant doing your work, transparent pricing scoped to your situation, and advisory engagements built around your timeline — not ours.
We're selective about the clients we take on so that the clients we have get the attention they deserve. If CMMC 2.0 is on your roadmap, let's have a conversation.
Get in TouchSee what we can do for you.
Review our service offerings or schedule a consultation to discuss your specific needs.