[XorNot]

This isn't too hard - Git supports folder path separated config settings, so usually I just have a "foss" and "work" profile.

More annoying can be commit signing, but this is actually something GPG has baked right into it - I issue and sign a new key with my work email address while I'm there, and when I quit revoke the key as superceded (and set the expiry to roughly my contract renewal period/performance eval period).

The real problem is corporate IT doesn't understand encryption or signing beyond how their vendors pitch it too them as "secure" so trying to extend any of this to actually support business processes is a losing battle.