Add security scanning jobs to this pipeline?

I've realised that we do not have any of the container/dependency scanning jobs enabled directly on this pipeline, we are relying on other projects having them enabled to pick up any vulnerabilities/issues. I wonder if it would make sense to enable these jobs here at the source?

This will require a bit of trial and error to implement as this repo's pipeline is non-standard to accommodate the nature of creating all the different docker images dynamically etc.