diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
new file mode 100644
index 0000000..b5efb06
--- /dev/null
+++ b/.github/workflows/security-scan.yml
@@ -0,0 +1,36 @@
+name: Security Scan
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main, develop]
+  schedule:
+    # 10:17 on Fridays
+    - cron: '17 10 * * 5'
+  workflow_dispatch:
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['javascript']
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v1
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
new file mode 100644
index 0000000..dfc6c1d
--- /dev/null
+++ b/.github/workflows/tests.yml
@@ -0,0 +1,47 @@
+name: Tests
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main, develop]
+  schedule:
+    # 00:00 on Saturdays
+    - cron: '0 0 * * SAT'
+  workflow_dispatch:
+
+jobs:
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        node-version: [10.x, 14.x]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: '2'
+
+      - name: Test on Node ${{ matrix.node-version }}
+        uses: actions/setup-node@v1
+        with:
+          node-version: ${{ matrix.node-version }}
+
+      - run: npm install
+      - run: npm run lint
+      - run: npm run build
+      - run: npm run test
+
+      - name: Upload test coverage report to Codecov
+        uses: codecov/codecov-action@v1
+        with:
+          fail_ci_if_error: true
+
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 3f43eb2..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-language: node_js
-node_js:
-  - 'node'
-  - '10'
-script:
-  - npm run travisci
-cache:
-  directories:
-    - node_modules
diff --git a/README.md b/README.md
index 0afcf7f..46c65f4 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
 [![npm package](https://badge.fury.io/js/regex-to-strings.svg)](https://badge.fury.io/js/regex-to-strings)
 ![node version](https://img.shields.io/node/v/regex-to-strings.svg)
 ![npm type definitions](https://img.shields.io/npm/types/regex-to-strings)
-[![Build Status](https://travis-ci.org/wimpyprogrammer/regex-to-strings.svg?branch=main)](https://travis-ci.org/wimpyprogrammer/regex-to-strings)
+![Tests](https://github.com/wimpyprogrammer/regex-to-strings/workflows/Tests/badge.svg)
 [![codecov](https://codecov.io/gh/wimpyprogrammer/regex-to-strings/branch/main/graph/badge.svg)](https://codecov.io/gh/wimpyprogrammer/regex-to-strings)
 [![Known Vulnerabilities](https://snyk.io/test/github/wimpyprogrammer/regex-to-strings/badge.svg)](https://snyk.io/test/github/wimpyprogrammer/regex-to-strings)
 
diff --git a/package.json b/package.json
index 774c89a..4658c88 100644
--- a/package.json
+++ b/package.json
@@ -25,21 +25,22 @@
     "node": ">=10"
   },
   "scripts": {
-    "build": "npm run clean && babel src -d lib --extensions '.js,.ts' --ignore '**/*.spec.js','**/*.spec.ts' && npm run build-types",
-    "build-demo": "npm run clean-demo && webpack --config demo/webpack.config.js",
-    "build-types": "tsc -p ./tsconfig.release-types.json",
-    "clean": "rimraf lib/*",
-    "clean-demo": "rimraf demo/lib/*",
+    "build": "run-s clean:* build:*",
+    "build:src": "babel src -d lib --extensions '.js,.ts' --ignore '**/*.spec.js','**/*.spec.ts'",
+    "build:demo": "webpack --config demo/webpack.config.js",
+    "build:types": "tsc -p ./tsconfig.release-types.json",
+    "clean:src": "rimraf lib/*",
+    "clean:demo": "rimraf demo/lib/*",
     "format": "prettier --write '{src,demo/src}/**'",
-    "lint": "tsc -p ./tsconfig.release.json && eslint . --ext .js,.ts --report-unused-disable-directives --parser-options=project:./tsconfig.release.json",
-    "lint-demo": "tsc -p ./demo/tsconfig.json && eslint . --ext .js,.ts --report-unused-disable-directives --parser-options=project:./demo/tsconfig.json",
-    "lint-tests": "tsc -p ./tsconfig.test.json && eslint . --ext .js,.ts --report-unused-disable-directives --parser-options=project:./tsconfig.test.json",
+    "lint": "run-s lint:*",
+    "lint:src": "tsc -p ./tsconfig.release.json && eslint . --ext .js,.ts --report-unused-disable-directives --parser-options=project:./tsconfig.release.json",
+    "lint:demo": "tsc -p ./demo/tsconfig.json && eslint . --ext .js,.ts --report-unused-disable-directives --parser-options=project:./demo/tsconfig.json",
+    "lint:tests": "tsc -p ./tsconfig.test.json && eslint . --ext .js,.ts --report-unused-disable-directives --parser-options=project:./tsconfig.test.json",
     "precommit": "pretty-quick --staged",
     "prepublish": "npx publish-please guard",
     "publish-please": "npx publish-please",
     "publish-please-prereqs": "npm run lint && npm run test && npm run build",
-    "test": "jest --coverage",
-    "travisci": "npm run lint && npm run test && codecov && npx snyk test"
+    "test": "jest --coverage"
   },
   "devDependencies": {
     "@babel/cli": "^7.5.5",
@@ -66,6 +67,7 @@
     "jest": "^26.4.2",
     "jest-when": "^2.7.0",
     "node-sass": "^4.12.0",
+    "npm-run-all": "^4.1.5",
     "prettier": "1.18.2",
     "pretty-quick": "1.7.0",
     "rimraf": "^2.7.1",