diff --git a/README.md b/README.md
index 6830909..5dcc308 100644
--- a/README.md
+++ b/README.md
@@ -36,12 +36,13 @@ This assumes `SECRET_DETECTION_DISABLED` variable is already defined in `.gitlab
 ### Inputs
-| Input | Default value | Description |
-| ----- | ------------- | ----------- |
-| `stage` | `test` | The stage where you want the job to be added. |
-| `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Override the name of the Docker registry providing the default images (proxy). |
-| `image_tag` | `5` | Override the default version of the `secrets` analyzer image. |
-| `image_suffix` | `""` | Suffix added to the image name. If set to -fips, [FIPS-enabled images](https://docs.gitlab.com/ee/user/application_security/secret_detection/#use-fips-enabled-images) are used for scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355519) in GitLab 14.10. |
+| Input | Default value | Description |
+|--------------------| ------------- | ----------- |
+| `stage` | `test` | The stage where you want the job to be added. |
+| `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Override the name of the Docker registry providing the default images (proxy). |
+| `image_tag` | `5` | Override the default version of the `secrets` analyzer image. |
+| `image_suffix` | `""` | Suffix added to the image name. If set to -fips, [FIPS-enabled images](https://docs.gitlab.com/ee/user/application_security/secret_detection/#use-fips-enabled-images) are used for scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355519) in GitLab 14.10. |
+| `use-mr-pipelines` | `false` | Set to `true` to enable `secret-detection` job to run on Merge Request Pipelines in addition to Branch Pipelines (except where there is an open MR on that Branch) |
 ### Variables
diff --git a/templates/secret-detection.yml b/templates/secret-detection.yml
index abe599b..63f36ec 100644
--- a/templates/secret-detection.yml
+++ b/templates/secret-detection.yml
@@ -8,9 +8,30 @@ spec:
 default: '6'
 image_suffix:
 default: ""
+ use-mr-pipelines:
+ description: "If set to `true` secret-detection jobs run on MR Pipelines"
+ type: boolean
+ default: false
 ---
+.secret-detection-rules:true:
+ rules:
+ # If there is an open MR on this branch do not run the job on a "Push" pipeline
+ # https://docs.gitlab.com/ee/ci/pipelines/mr_pipeline_troubleshooting.html#two-pipelines-when-pushing-to-a-branch
+ - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
+ when: never
+ - if: $CI_COMMIT_TAG
+ when: never
+ - when: always
+
+.secret-detection-rules:false:
+ rules:
+ - if: $CI_COMMIT_BRANCH
+ when: always
+ - when: never
+
 secret_detection:
+ extends: '.secret-detection-rules:$[[ inputs.use-mr-pipelines ]]'
 stage: $[[ inputs.stage ]]
 image: "$[[ inputs.image_prefix ]]/secrets:$[[ inputs.image_tag ]]$[[ inputs.image_suffix ]]"
 services: []
@@ -23,7 +44,5 @@ secret_detection:
 artifacts:
 reports:
 secret_detection: gl-secret-detection-report.json
- rules:
- - if: $CI_COMMIT_BRANCH
 script:
 - /analyzer run
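Review bot: `when: always` in both new rule sets widens the job's run condition beyond what the input promises — the `rules: - if: $CI_COMMIT_BRANCH` removed in the second hunk ran secret_detection with the default `when: on_success`, so the `false` variant now also runs after an earlier stage has failed, and the `true` variant's catch-all `- when: always` matches schedule, web, API and trigger pipelines as well, not only merge request pipelines. Drop the `when:` overrides and make the MR case explicit with `- if: $CI_PIPELINE_SOURCE == "merge_request_event"`; the trailing `- when: never` in the `false` variant is redundant, since a job with no matching rule is not added to the pipeline. The `$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS` guard also skips the push pipeline on the default branch whenever an MR is open from it, which is presumably intended but deserves a line in the existing comment. The spec `description` is the only user-facing documentation of this behaviour; consider extending it to say that branch pipelines are skipped while an MR is open for that branch.
```yaml
.secret-detection-rules:true:
  rules:
    # … unchanged: comment and the open-MR / tag `when: never` guards …
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_BRANCH

.secret-detection-rules:false:
  rules:
    - if: $CI_COMMIT_BRANCH
```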