Create a security projects tracked context on first security scan ingestion if none present

In this comment, @bwill identified a distinct inefficiency in the already implemented approach to creating security_project_tracked_context records during the creation of projects.

Rather than fill the db with records that are not useful unless the project is actively utilizing security scan behaviour, we're proposing to rather create one by default if one is not present during the ingestion of security data.

We should, however, continue to note that this behavior may be temporary, as the implementation of the quota system may preempt the creation of a new tracked context if the tracking quota for the respective organization is full.