The engineering requirements to build a branch of a company with the security needs of specialized SOC would be crazy endeavor and to the point that whatever comes of it would probably look as foreign to the main company's function than what currently exists. Having a separate non-profit agency handle these cases would not only allow for the agency's incentives to align, but also the overall security design approach to its facilities and internal networks. It's a win-win for both private and public interest imo.