PaulyD,
Sounds like you've done just about everything an end-user can do to protect themselves except run a firewall. Being rooted, you could benefit from AFWall+ or one of the other iptables-based firewalls. I knew I had been pwned when the rules I kept trying to apply wouldn't stick and were allowing certain apps unlimited access no matter what I did. You'll also be protecting yourself from leakage from ad-based apps and Google privacy rape. Remember that encryption is only helping you in the case you lose your phone; it's not going to prevent bad apps from reading your data (especially since you are rooted). Personally I would hate dealing with such a long, complicated boot pw. If only my YubiKey would work in my droid... ugh.
The best defense is not having the most popular phone, running a stock ROM. *cough stupidgalaxys3ididntneedanyway*. I want to get an old-school beater clamshell burner phone for my phone calls and texts. Something with no browser, Bluetooth, Wi-Fi or fun.