Admin Tools for WordPress will help you a lot towards a secure WordPress installation.
We did our research and we came up with the equivalent of .htaccess Maker for WordPress. That's what really
helps securing your site since it blocks access to most random named files.
On top of that, we applied the concept of our web application firewall on WordPress. Except for a few universal things (such as SQLiShield and RFIShield) all of the features were rewritten to be relevant to WordPress.
Admin Tools for WordPress is currently in beta. You can subscribe to the beta
Regarding WooCommerce, having seen the code and how they treat data originating from the user I am not very confident about it being super secure. At least they respond very fast to security issues. Unfortunately you have little other choice on WordPress. It's a bit like VirtueMart back in the Joomla! 1.5 days: not really good but the alternatives are probably worse. I'm not opposed to using it, just keep regular backups.