About SOMA

Johnny has more than 30 years of information technology (IT) experience. Most of his operational experience was acquired during active duty in the U.S. Air Force and DoD projects where he was a system engineer over multiple platforms, as well as a chief information security officer (CISO). 

He focuses on cybersecurity, payment card industry audits, IT audits, system security, policy, procedure, business continuity, and disaster recovery reviews for various industries, including healthcare organizations, financial institutions, and institutions of higher learning.

Before establishing SOMA Cyber, Johnny was a director at one of the nation’s largest accounting and consulting firms where he established new business practices and service lines while building a team of well-trained security professionals. Prior to joining his previous firm, Johnny was senior engineer for a large IT company that managed a sizable international project for the U.S. Department of Defense. In addition to leading network and datacenter administration teams, he was responsible for system audits, security, and network accreditation. He also served as the chief operating officer (COO) for a regional broadband development company where he directly managed all installation and IT personnel, as well as overseeing network security and product development. 

Johnny also taught basic and advanced network design, network security, and routing administration for Cisco Networking Academy at Arkansas State University. He holds Payment Card Industry Qualified Security Assessor (PCI-QSA), Certified Information Security Manager® (CISM®), Certified Information Systems Auditor® (CISA®), and CompTIA Security+ certifications. 

Johnny is a retired member of the United States Air Force and a graduate of Mid-America Christian University, Oklahoma City, Oklahoma, with a B.S. degree in business management.

  With a career spanning over 20 years in Information Technology (IT), Braden is an accomplished consultant in cybersecurity, IT risk management, and control assessments. He leads various cybersecurity initiatives, including internal and external network security assessments. Braden also holds the Certified Information Systems Auditor® (CISA®) designation and actively contributes to both ISACA® and the Arkansas Infosec community. 

Before establishing SOMA Cyber, Braden accumulated a diverse set of experiences across multiple sectors through a successful IT career, including a role as a Managing Consultant at one of the nation’s largest accounting and consulting firms.

His professional journey began with service in the United States Air Force as a Systems Administrator, Information Assurance Manager, and IT asset management specialist. He later transitioned to government contracting, where he managed IT systems for a significant international project under the U.S. Department of Defense. His industry experience also extends to the telecommunications and financial sectors, including a lead role in managing IT systems at a major bank in Little Rock, Arkansas. Braden found a specialized focus when he joined a large national advisory firm in 2015, becoming a Managing Consultant in IT Risk Services. In this capacity, he conducted comprehensive IT audits in compliance with Internal Controls over Financial Reporting (ICFR), Sarbanes-Oxley (SOX) control assessments, and Information Technology General Controls (ITGC) reviews specifically targeted at financial institutions. It is here that he also evolved into a dedicated penetration tester. 

With over a decade of specialized experience in IT security, Braden excels in identifying and rectifying security vulnerabilities to protect organizational assets. In addition to his professional responsibilities, he remains committed to continuous learning and skill enhancement, actively participating in cybersecurity Capture the Flag (CTF) hacking competitions to sharpen his skills.  

 Sarah brings nearly 20 years of experience in writing, editing, quality assurance, and instructional design to her role at SOMA Cyber, where she plays a key part in the review and finalization of client deliverables. Sarah has spent the last several years working in the information security and compliance field with SOMA Cyber and has quickly become a vital member of the consulting team. Sarah has quickly gained strong familiarity with industry standards and regulatory frameworks through hands-on engagements with SOMA’s audit and assessment team. Her rapid growth in cybersecurity knowledge, combined with meticulous attention to detail, ensures the consistency, clarity, and professionalism of SOMA’s work products.

Prior to joining SOMA Cyber, Sarah served as a Senior Instructional Systems Designer supporting the Army National Guard. In this role, she developed interactive, SCORM-compliant web-based training programs and led a team responsible for ensuring technical accuracy and adherence to established standards. Her ability to translate complex subject matter into accessible, user-friendly content is a strength she now applies to the documentation and reporting processes at SOMA.

Sarah has also held key administrative and editorial roles in both the private and public sectors. She has worked with accounting firms and nonprofit organizations on organizational projects and curriculum development and served as a Certified Government Administrative Manager. Her background includes freelance editing for books, grant proposals, and technical documents—experience that is reflected in her commitment to excellence in every project she supports.

She holds a bachelor’s degree in English and Spanish from Arkansas Tech University and a master’s degree in Organizational Leadership from Gonzaga University.