Hi @junderw,
Checking with the OpenZeppelin Research team and their recommendation is either the latest Solidity 0.5 or Solidity 0.6 version of the compiler. Soon this will be changed to Solidity 0.6 or Solidity 0.7 latest versions.
They also recommend full unit testing, beta testing, bug bounties, monitoring, and paying close attention to all dependencies including the compiler for your smart contracts.