Brandon Chanco

Enterprise security leader for a Top Secret–cleared, SBA-certified woman-owned DoD firm; owns security strategy, risk governance, the DCSA/FSO program, and CMMC posture.

• Sets and executes enterprise security strategy as the senior security authority to the executive team
• Owns the RMF authorization lifecycle for multiple DevSecOps platforms: SSP development, control implementation, and continuous monitoring, driving systems to authorization
• Built the company's security policy framework and governance, aligned to NIST 800-53 and CMMC Level 2
• Leads a team of security architects securing AWS and Kubernetes infrastructure to DoD mission standards while preserving platform scalability

Security strategy advisor to the BESPIN CISO across the platform ecosystem.

• Set security architecture and compliance strategy across the BESPIN platform ecosystem
• Defined a secure-platform proof of concept and growth roadmap to expand BESPIN offerings across DoD, incorporating FedRAMP and IL5 requirements
• Led RMF and platform authorization efforts for multiple AWS DevSecOps environments

Authorization lead for critical DoD systems spanning Impact Levels 2 through 6.

• Directed ATO efforts across IL2–6: gap analyses, POA&M remediation, and authorization for critical DoD systems
• Drove Zero Trust adoption via Next-Generation Firewalls and Software-Defined Perimeter
• Established policy-based access controls in Kubernetes for secure, scalable deployment across AWS and Azure
• Led “Big Bang” integration strategies that delivered rapid, low-downtime security upgrades

Federal lead of IBM's enterprise compliance program for the government market.

• Built and led IBM's Federal Program, defining the strategy to align 500+ products with FedRAMP and FISMA for government market access
• Directed gap analyses against NIST 800-53, guiding software teams through remediation and evidence collection
• Embedded compliance into product architecture reviews early in the lifecycle, accelerating ATO timelines
• Shaped multi-cloud compliance strategy across AWS, Azure, GCP, Oracle, and IBM Cloud; influenced roadmaps for IoT, AI/ML, and Kubernetes capabilities

CIO-office program lead for global voice infrastructure and the Kyndryl carve-out.

• Led global voice infrastructure strategy within the CIO office for 300,000 employees across 100+ campuses
• Led the Kyndryl spin-off bifurcation, separating network, voice, and billing across global campuses with zero service disruption
• Global Change Manager for Call Control; led CAB reviews and assessed contracts, SOWs, and vendor security posture to drive savings

Led a 5-engineer team across monitoring, incident response, architecture, and policy for a classified DoD VoIP environment.

• Designed and deployed a NIST-compliant secure VoIP solution to ATO for a critical DoD program at IL6; authored runbooks and DRP/BCP

Led build, security, and operations of a Hosted Collaboration Solution for multiple DoD entities, including NOC Tier 1–3 training and client onboarding.

• Drove Cisco products through DISA APL and STIG processes; supported 20K+ end users and earned seven peer awards in ten months

Led a 5-person team modernizing USAF base infrastructure: replacing legacy systems, executing network upgrades, and resolving ~1,000 tickets annually.