operating systems – How should GNU/Linux noobs harden their dekstop OS?

I’m interested in using GNU/Linux for different reasons. Partly for freedom, privacy, and security. But also to force myself to learn Linux. One issue I’ve found is that desktop Linux seems to have fairly poor security by default which is a little odd considering GNU/Linux is often recommended by security experts in certain circumstances. I looked into hardening Linux but that guide is clearly for very advanced users who have a lot of time on their hands. My threat model is sort of mixed. I’m not a highly targeted individual, but I also plan to do sensitive work with investigations and activism so security is still very important to me. I’m hoping to do everything on one laptop for monetary and practical reasons, so I want to avoid using a burner for my more sensitive work if possible. I’ve also looked into Qubes, but much like the previously mentioned hardened Linux guide, it looks like it is more for advanced users and it comes with a lot of usability issues.

Are there any simpler Linux hardening guides that still address many of the presented Linux security concerns? Or better yet a way to automate the “hardening” process? If it matters, I think I’m most comfortable using Linux Mint Cinnamon since that’s what I’ve used for some time, but I’m open to using anything that’s easy and just works out of the box with little to no configuration necessary.