diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 2da340a70..84a42eb5b 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -8,6 +8,10 @@ Please read through this document before submitting any issues
 or pull requests to ensure we have all the necessary information
 to effectively respond to your bug report or contribution.
 
+## Security issue notifications
+If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security
+via our [vulnerability reporting page][vulnerability reporting].
+Please do **not** create a public github issue.
 
 ## Reporting Bugs/Feature Requests
 
@@ -63,12 +67,6 @@ This project has adopted the [Amazon Open Source Code of Conduct][code of conduc
 For more information see the [Code of Conduct FAQ][code of conduct faq] or contact 
 opensource-codeofconduct@amazon.com with any additional questions or comments.
 
-
-## Security issue notifications
-If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security
-via our [vulnerability reporting page][vulnerability reporting].
-Please do **not** create a public github issue.
-
 ## Licensing
 
 See the [LICENSE][license] file for our project's licensing.
diff --git a/README.md b/README.md
index 9600031e8..338eb688b 100644
--- a/README.md
+++ b/README.md
@@ -3,6 +3,8 @@
 The AWS Encryption SDK for Javascript provides a fully compliant,
 native Javascript implementation of the [AWS Encryption SDK](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/introduction.html)
 
+[Security issue notifications](./CONTRIBUTING.md#security-issue-notifications)
+
 ## Client Packages
 
 | Package | Description |