@PierreArowana
there can be a lot more to security than just code reviews. i.e. incident response, penetration testing, architecture reviews, protocol spec matching, economic verification, hardware, managed security, etc.
so, yes - i'd say you partially are. but there's often more to it.