Thanks for the replies so far. From a technical security standpoint I'm comfortable. I use 2-factor authentication with a unique password. My browsers never save logins, etc.
I don't do paper anything, and shred what little does come my way, so not worried about identity theft in that manner.
As far as 'someone has to know your account number, SSN, and security questions'. That's how my cell phone got shut off, they knew all 3 of those. Since I've had it happen to me, social engineering is my biggest concern and the biggest hole I see (the whole human factor being the weakest thing). Security questions tend to be horrible public/widespread knowledge items, like your elementary school and mothers maiden name (or horrible, changing ones like 'your favorite actor'). I'll have to review what I have set up and see if I can create custom ones. The suggestion to make up fake answers and writing them down is good, as well. I've done this for sites in my password manager, but I don't have my financial sites in the password manager so haven't really thought to do it there.
I've thought about distributing across multiple institutions, since everything banking and investing is at one right now. Glad someone else does this, I won't feel overly paranoid if I go that way ;-)
Good idea on the text alerts for transactions over a dollar amount. I'll see if that's an option.