diff --git a/.zuul.yaml b/.zuul.yaml
index 70992e1..32cb24e 100644
--- a/.zuul.yaml
+++ b/.zuul.yaml
@@ -21,12 +21,14 @@
     check:
       jobs:
         - openstack-tox-pep8
+        - spyglass-dependency-vulnerability-check
         - spyglass-docker-build-gate-ubuntu_xenial
         - spyglass-docker-build-gate-ubuntu_bionic
         - spyglass-docker-build-gate-opensuse
     gate:
       jobs:
         - openstack-tox-pep8
+        - spyglass-dependency-vulnerability-check
         - spyglass-docker-build-gate-ubuntu_xenial
         - spyglass-docker-build-gate-ubuntu_bionic
         - spyglass-docker-build-gate-opensuse
@@ -43,6 +45,15 @@
       - name: primary
         label: ubuntu-xenial
 
+- job:
+    name: spyglass-dependency-vulnerability-check
+    parent: openstack-tox
+    voting: false
+    timeout: 600
+    nodeset: spyglass-single-node
+    vars:
+      tox_envlist: safety
+
 - job:
     name: spyglass-docker-build-gate-ubuntu_xenial
     timeout: 1800
diff --git a/tox.ini b/tox.ini
index 2a308b1..de170df 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
 [tox]
-envlist = py36, py37, pep8, docs, cover
+envlist = py36, py37, pep8, safety, docs, cover
 minversion = 2.3.1
 skipsdist = True
 
@@ -39,12 +39,11 @@ commands =
   yapf -dr {toxinidir}/spyglass {toxinidir}/setup.py {toxinidir}/tests
   flake8 {toxinidir}/spyglass {toxinidir}/tests
   bandit -r spyglass -n 5
-  pipenv check
-  safety check -r {toxinidir}/doc/requirements.txt --bare
 whitelist_externals =
   bash
 
 [testenv:safety]
+basepython = python3
 deps =
   pipenv
   safety
@@ -54,6 +53,7 @@ commands =
   safety check -r {toxinidir}/doc/requirements.txt --full-report
 
 [testenv:bandit]
+basepython = python3
 deps =
     pipenv
 commands =