Advice is fairly standard: don't make your main account an Admin account, give your password out sparingly to apps that ask for it, try to use only sandboxed apps (i.e. from the App Store), don't turn on un-needed services (these are mostly in the Sharing pane in System Preferences). If you don't like Apple's default firewall rules, I believe OS X has BSD-standard ipfw installed by default, so you can use that and modify it to your liking.
Mostly, though, I'd say don't panic. Keep OS X updated and you should be fine (inc. Flash if you use it in Safari, and keep rarely-used web plugins disabled by default). Zero-days are always a worry, but you'll never see them coming by definition, so there's not a lot you can do about it...
[Note, I am by no means an expert]
Edit: and, as another poster said, enable FileVault. It's a great, stable and fast (on modern Macs, any slow-down should be imperceptible to the user) protection against casual data theft if someone steals your computer.
I can't offer exactly domain advice. I don't use OSX myself. But I can offer board advice. Learn the options, learn what they do, learn why they do that, and what you gain.
Basically never trust a computer to keep you safe on its own, if it promises to its likely lying (or OpenBSD).
Mostly, though, I'd say don't panic. Keep OS X updated and you should be fine (inc. Flash if you use it in Safari, and keep rarely-used web plugins disabled by default). Zero-days are always a worry, but you'll never see them coming by definition, so there's not a lot you can do about it...
[Note, I am by no means an expert]
Edit: and, as another poster said, enable FileVault. It's a great, stable and fast (on modern Macs, any slow-down should be imperceptible to the user) protection against casual data theft if someone steals your computer.