diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 0000000..a3a4b09 --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,34 @@ +name: Security + +on: + # Run on all pushes and on all pull requests. + push: + pull_request: + # Also run this workflow every Monday at 6:00. + schedule: + - cron: '0 6 * * 1' + # Allow manually triggering the workflow. + workflow_dispatch: + +# Cancels all previous workflow runs for the same branch that have not yet completed. +concurrency: + # The concurrency group contains the workflow name and the branch name. + group: ${{ github.workflow }}-${{ github.head_ref }} + cancel-in-progress: true + +jobs: + security: + name: 'Security check' + runs-on: ubuntu-latest + + # Don't run the cronjob in this workflow on forks. + if: github.event_name != 'schedule' || (github.event_name == 'schedule' && github.repository_owner == 'Yoast') + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + # This action checks the `composer.lock` file against known security vulnerabilities in the dependencies. + # https://github.com/marketplace/actions/the-php-security-checker + - name: Run Security Check + uses: symfonycorp/security-checker-action@v2 diff --git a/.travis.yml b/.travis.yml index f112dec..f27c19d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,7 +12,7 @@ jobs: fast_finish: true include: - php: 7.4 - env: PHPLINT=1 SECURITY=1 + env: PHPLINT=1 - php: 5.6 env: PHPLINT=1 - php: 8.0 
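Review bot: The concurrency group in the new `security.yml` uses `github.head_ref`, which is only populated for pull_request events, so every push, schedule and workflow_dispatch run lands in the same `Security-` group and a push on one branch cancels an in-progress run on another; `group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}` keeps the "branch name" promise made in the comment above it for all four triggers. Both `uses:` lines reference mutable tags (`actions/checkout@v2`, `symfonycorp/security-checker-action@v2`), so whoever controls the tag controls the code that runs with the repository checkout; pinning to a full-length commit SHA with the version in a trailing comment, as in `uses: actions/checkout@<commit-sha>  # v2`, makes the dependency reproducible and reviewable. The job also inherits the default `GITHUB_TOKEN` scopes although it only reads `composer.lock`; a top-level `permissions:` block with `contents: read` limits the token to what the check needs. The `if:` expression can be shortened without changing its result, because the parenthesised branch is only reached when the left side is false: `if: github.event_name != 'schedule' || github.repository_owner == 'Yoast'`.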
@@ -50,14 +50,12 @@ cache: before_install: - if [[ "$COVERAGE" != "1" ]]; then phpenv config-rm xdebug.ini || echo 'No xdebug config.'; fi -- export SECURITYCHECK_DIR=/tmp/security-checker install: - | if [[ "$PHPLINT" == "1" ]]; then composer install --no-interaction fi -- if [[ "$SECURITY" == "1" ]]; then wget -P $SECURITYCHECK_DIR https://github.com/fabpot/local-php-security-checker/releases/download/v1.2.0/local-php-security-checker_1.2.0_linux_amd64 && chmod +x $SECURITYCHECK_DIR/local-php-security-checker_1.2.0_linux_amd64;fi before_script: - export -f travis_fold @@ -79,6 +77,3 @@ script: if [[ "$PHPLINT" == "1" ]]; then composer lint fi - -# Check for known security vulnerabilities in the currently locked-in dependencies. -- if [[ "$SECURITY" == "1" ]]; then $SECURITYCHECK_DIR/local-php-security-checker_1.2.0_linux_amd64 --path=$(pwd)/composer.lock;fi