diff --git a/requirements.txt b/requirements.txt
index 9a60bfe4..ff723b8d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -5,4 +5,5 @@ packaging>=21.3
 pypng>=0.0.20
 PyYAML>=5,<7
 requests>=2.25.0,<3.0.0
+security~=1.2.0
 urllib3>=1.26.5,<2.0.0
diff --git a/sigopt/orchestrate/iam/service.py b/sigopt/orchestrate/iam/service.py
index 4f1683f1..06f6a62c 100644
--- a/sigopt/orchestrate/iam/service.py
+++ b/sigopt/orchestrate/iam/service.py
@@ -6,8 +6,8 @@
 
 import boto3
 import certifi
-import requests
 from OpenSSL import SSL
+from security import safe_requests
 
 from ..services.aws_base import AwsService
 
@@ -36,7 +36,7 @@ def describe_eks_role(self, role_name):
     return self.iam.Role(role_name)
 
   def get_thumbprint_from_oidc_issuer(self, oidc_url):
-    response = requests.get(f"{oidc_url}/.well-known/openid-configuration")
+    response = safe_requests.get(f"{oidc_url}/.well-known/openid-configuration")
     response.raise_for_status()
     keys_url = response.json()["jwks_uri"]
     parsed_url = urlparse(keys_url)