diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 00000000..b6a0db02
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,16 @@
+name: "Build"
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    types: [ labeled, opened, reopened, synchronize ]
+  schedule:
+    - cron: '45 12 * * 1'
+
+jobs:
+  build:
+    name: 'Gradle build'
+    uses: UKHomeOffice/sas-github-workflows/.github/actions/gradle-build-project@v2
+    with:
+      java_version: '17'
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index 61c0cadc..547308df 100644
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -10,15 +10,8 @@ on:
 
 jobs:
   scan:
-    name: 'build + scan'
-    steps:
-      - name: 'Gradle build'
-        uses: UKHomeOffice/sas-github-workflows/.github/actions/gradle-build-project@v2
-        with:
-          java_version: '17'
-      - name: 'Trivy scans'
-        uses: UKHomeOffice/sas-github-workflows/.github/workflows/trivy.yml@v2
-        with:
-          severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
-          checkoutSubmodule: true
-        secrets: inherit
+    uses: UKHomeOffice/sas-github-workflows/.github/workflows/trivy.yml@v2
+    with:
+      severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
+      checkoutSubmodule: true
+    secrets: inherit