They likely already have a number of 0-day protocol, hardware and kernel level software vulnerabilities for the majority of modern OS, so I advice to reconsider the threat model.
This is mostly a choice of responsibility.
You rely either on a commercial platform vendor, or on community and your own knowledge and skills.
The fact you are here indicates you are inclined towards the second option.
So, select a platform that you can study well enough to maintain a decent level of security.
To minimize the overhead, you can use the criteria of interoperability between the home and work tasks.
In my opinion, a good option is to use/join open source hardware and software projects with large enough communities.
The rest is up to you and depends on how much time can you afford to invest in your own education and your system configuration.