Security != Configuration Management
I'm a *nix head so I admit my bias, may colour my opinion.
Terraform / Ansible / PXE lets you image and provision.
The rest is testing, monitoring, and documenting the process for improving.
I can hire experts to pour over the source code, and make fixes for me. I can't do that for windows without serious cash, which makes it out of reach for a lot of firms.
Systems are complicated to manage properly but it's considerably more tractable a problem on Linux/*BSD kit.
The key things are the ability to nuke and pave, and relentless focus on improving cycle time.
Yes, real world systems require managing/securing and maintaining.
That's the profession, it's tractable on Linux, it's possible on Windows.