diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 404e34b8f1a..7a9497470d7 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -9,7 +9,10 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: "CodeQL"
+name: "CodeQL Security Scanner"
+
+env:
+ java: 11
 on:
 push:
@@ -47,15 +50,22 @@ jobs:
 # Prefix the list here with "+" to use these queries and those in the config file.
 # queries: ./path/to/local/query, your-org/your-repo/queries@main
- - name: Test with Java 11
+ - name: Set up JDK ${{ env.java }}
 uses: actions/setup-java@v1
 with:
- java-version: 1.11
+ java-version: ${{ env.java }}
+
+ - name: Cache Maven packages
+ # FIXME(@JonasCir) #3733 remove '**/*.pom' once serverlib pom is renamed
+ uses: actions/cache@v2
+ with:
+ path: ~/.m2
+ key: ${{ runner.os }}-java-${{ env.java }}-m2-${{ hashFiles('**/pom.xml', '**/*.pom') }}
+ restore-keys: ${{ runner.os }}-java-${{ env.java }}-m2
 - name: Build with Maven
- run: |
- cd sormas-base
- mvn install -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn -DskipTests
+ working-directory: ./sormas-base
+ run: mvn verify -B -ntp -DSkipTests
 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@v1
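Review bot: In the "Build with Maven" step of the second hunk, `-DSkipTests` is spelled with a capital S, and Maven user properties are case-sensitive, so the `skipTests` switch that the removed command set is no longer in effect and the test suite will run inside the CodeQL build; the line should read `run: mvn verify -B -ntp -DskipTests`. The new `actions/cache@v2` step, like the existing `actions/setup-java@v1`, is referenced by a mutable tag; in a workflow that produces security findings, pinning to a full commit SHA (`uses: actions/cache@<full-commit-sha>  # v2`) keeps the step from changing underneath the scan. The restored `~/.m2` content feeds the build that CodeQL analyses, so the prefix-only `restore-keys` fallback deserves a short comment stating that a stale or foreign cache hit is acceptable here. The steps list starts before this hunk, so the earlier steps were not reviewed.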