diff --git a/.circleci/config.yml b/.circleci/config.yml
index 9f863a4f8..4940bf441 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -473,26 +473,3 @@ workflows:
             - basm-api-production
           requires:
             - hold_production
-  security:
-    triggers:
-      - schedule:
-          cron: "0 7 * * 1-5"
-          filters:
-            branches:
-              only:
-                - main
-    jobs:
-      - hmpps/gradle_owasp_dependency_check:
-          slack_channel: << pipeline.parameters.alerts-slack-channel >>
-          context:
-            - hmpps-common-vars
-      - hmpps/trivy_latest_scan:
-          slack_channel: << pipeline.parameters.alerts-slack-channel >>
-          context:
-            - hmpps-common-vars
-      - hmpps/veracode_policy_scan:
-          slack_channel: << pipeline.parameters.alerts-slack-channel >>
-          context:
-            - veracode-credentials
-            - hmpps-common-vars
diff --git a/.github/workflows/security_trivy.yml b/.github/workflows/security_trivy.yml
new file mode 100644
index 000000000..e97c89556
--- /dev/null
+++ b/.github/workflows/security_trivy.yml
@@ -0,0 +1,14 @@
+name: Security trivy dependency check
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "30 5 * * MON-FRI" # Every weekday at 05:30 UTC
+
+jobs:
+  security-kotlin-trivy-check:
+    name: Project security trivy dependency check
+    uses: ministryofjustice/hmpps-github-actions/.github/workflows/security_trivy.yml@v0.5 # WORKFLOW_VERSION
+    with:
+      channel_id: ${{ vars.SECURITY_ALERTS_SLACK_CHANNEL_ID || 'NO_SLACK' }}
+    secrets: inherit
diff --git a/.github/workflows/security_veracode_pipeline_scan.yml b/.github/workflows/security_veracode_pipeline_scan.yml
new file mode 100644
index 000000000..281f76d09
--- /dev/null
+++ b/.github/workflows/security_veracode_pipeline_scan.yml
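Review bot: `uses: ministryofjustice/hmpps-github-actions/.github/workflows/security_trivy.yml@v0.5` references a mutable tag while `secrets: inherit` hands every repository and organisation secret to that reusable workflow, so anyone able to move the `v0.5` tag in the actions repository can run arbitrary steps with all of this repository's secrets. Pin the reference to a full-length commit SHA and keep the tag in the trailing comment for the bump tooling, e.g. `uses: ministryofjustice/hmpps-github-actions/.github/workflows/security_trivy.yml@<full-commit-sha> # v0.5 WORKFLOW_VERSION`, and add a workflow-level `permissions: contents: read` (plus whatever the called workflow actually needs) so the GITHUB_TOKEN is not left at the repository default. Note also that the CircleCI workflow removed in the hunk above ran `hmpps/gradle_owasp_dependency_check` alongside Trivy; unless the reusable Trivy workflow also scans Gradle dependencies, that check has no replacement anywhere in this change.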
@@ -0,0 +1,14 @@
+name: Security veracode pipeline scan
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "35 5 * * MON-FRI" # Every weekday at 05:35 UTC
+
+jobs:
+  security-veracode-pipeline-scan:
+    name: Project security veracode pipeline scan
+    uses: ministryofjustice/hmpps-github-actions/.github/workflows/security_veracode_pipeline_scan.yml@v0.5 # WORKFLOW_VERSION
+    with:
+      channel_id: ${{ vars.SECURITY_ALERTS_SLACK_CHANNEL_ID || 'NO_SLACK' }}
+    secrets: inherit
diff --git a/.github/workflows/security_veracode_policy_scan.yml b/.github/workflows/security_veracode_policy_scan.yml
new file mode 100644
index 000000000..fce67d461
--- /dev/null
+++ b/.github/workflows/security_veracode_policy_scan.yml
@@ -0,0 +1,14 @@
+name: Security veracode policy scan
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "30 5 * * 1" # Every Monday at 03:50 UTC
+
+jobs:
+  security-veracode-policy-check:
+    name: Project security veracode policy scan
+    uses: ministryofjustice/hmpps-github-actions/.github/workflows/security_veracode_policy_scan.yml@v0.5 # WORKFLOW_VERSION
+    with:
+      channel_id: ${{ vars.SECURITY_ALERTS_SLACK_CHANNEL_ID || 'NO_SLACK' }}
+    secrets: inherit
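Review bot: `secrets: inherit` on the veracode pipeline job is a step down in least privilege from the CircleCI configuration this replaces, where only the Veracode job received the `veracode-credentials` context and the other scans got `hmpps-common-vars` alone; here every scheduled scan, not just this one, receives all of the caller's secrets. If the reusable workflow declares what it needs under `on.workflow_call.secrets`, pass only those by name instead of `inherit`; if it does not, a one-line comment recording why `inherit` is required would stop the next reader from tightening it blindly. The `|| 'NO_SLACK'` fallback also means an unset `SECURITY_ALERTS_SLACK_CHANNEL_ID` silently disables alerting rather than failing the run; presumably intended, but worth a comment such as `# unset -> 'NO_SLACK' disables Slack alerts; set the repo variable to receive findings` so a missing variable is not mistaken for a clean scan.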
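Review bot: The comment on `- cron: "30 5 * * 1" # Every Monday at 03:50 UTC` contradicts the expression, which fires at 05:30 UTC, so either the comment or the schedule is wrong; if the schedule is right it should read `- cron: "30 5 * * 1" # Every Monday at 05:30 UTC`. At 05:30 on Mondays the policy scan also lands on exactly the same minute as the Trivy schedule in security_trivy.yml, which is harmless on its own, but if the intent was to stagger the three scans as the 05:35 pipeline scan suggests, `"50 3 * * 1"` would match the existing comment instead. The same `@v0.5` mutable-tag reference and `secrets: inherit` combination noted on the other two workflows applies here as well.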