What hardware setup do you use that you feel secure on? In my own searching I haven't found any off the shelf SoCs that have meaningfully more secure architectures. You either have IME or a garbage ARM based SoC that doesn't have an SMMU and forces you to fully trust your wifi card not to scribble over kernel memory. Most vendors really just don't care about system security. Maybe you should look into running your computer off an Ultrascale FPGA :)
Currently, my main workstation uses a Power 9 processor made by IBM, which is definitely much more expensive and much slower than modern Intel & AMD processors, but comes with the privilege of having a completely open ISA, open hardware schematics, and 100% open source firmware & microcode for the CPU itself.
I am not a big fan of ARM as many ARM chips have a TrustZone core, which is in the same camp as (CS)ME and AMD ST (PSP).
Fun fact: AMD ST (PSP) is actually implemented using an ARM TrustZone core.
