iOS is safer in terms of attack vector as far as I am aware (due to general restrictions and approval validation which is definitely more aggressive than on Android) but a silver bullet to attackers doesn't exist. You can go out in public wearing a bullet-proof vest 24/7 but only part of your body will be protected, the rest will still be vulnerable to bullets, and even the bullet-proof vest will become saturated depending on impact - vest or no vest you can still feel shock and pain.
If you're using the Safari browser you can run into phishing pages, if you're using e-mail you could become socially engineered by an e-mail scam campaign, JavaScript can still execute on the Safari browser (otherwise most of the websites in the world would not even work properly) and thus crypto-currency mining is still possible.
Good luck to anyone trying to find a virus for iOS, that will be impressive. Viruses spread via infection and this isn't going to generate any income even if an attacker managed to do this. On Android, you have a permission mechanism and it does work really well but when you install an application, you grant the application specific permissions to do what it is allegedly going to do, and thus if you install a rogue application... Now it has the permissions it needs.
On iOS there is a ton of things you cannot do by default, and Apple are big haters of jail-breaking (they used to file court cases trying to get it banned) unlike Google who seem to support Android rooting. For the record, jail-breaking your Apple device or rooting your Android device is definitely a bad idea from a security point of view because it introduces a higher threat surface and provides new and creative opportunities for attackers.
If you're using iOS:
1. Password protect your lock-screen using a PIN or normal password. Don't enable finger-print/iris scanning (?) features.
2. Only install applications from the official store (e.g. Apple Store)
3. Check reviews and reputability before installing any applications even from the official store. Data theft is still possible, advertisement spam is still possible, etc...
4. Browse safely.
5. Keep a backup of your personal documents with iTunes on a Desktop/Laptop so you can factory reset if anything unexpected happens.
If you're using Android:
1. Follow #1, #2 (Google Play), #3, #4 and #5 (of course not with iTunes for Android) from the iOS tips.
2. Make use of the Permissions mechanism to restrict this and that.
3. You are likely going to want free security software available (e.g. Avast).
There are many different attack vectors for iOS you may have thought of but such are present for all environments and usage of online web. For example, if you have sensitive and important data stored in iCloud and your account becomes breached (e.g. you re-used passwords and then another service was breached and a dump was leaked and then an attacker tried the e-mail and password combination which belongs to your account for another service but with iCloud and it was successful) then an attacker could steal those personal documents.
I think Apple Store is doing much better in terms of providing a safe environment. I rarely hear of issues regarding malware with the Apple Store, so maybe it's lack of experience with iOS, arrogance, or both. However, I regularly hear of issues with Google Play. Then there's the Chrome Store (also by Google) which isn't for Android and I've first-hand gone hunting for rogue extensions and managed to find about 30 in an hour, all obviously rogue by infringing the names of popular AV vendors... And then it took more than a week for the report to be handled.
I would get either iOS or Android if I was in your shoes - whichever one you prefer/trust the most. I've been an Android fan for many years and this isn't going to change because I prefer it but if I had to recommend either iOS or Android from a general security point-of-view against online attackers then I think I would choose iOS because: a). I see it as a lower target because it appears to be easier to target Android; b). Apple do not support jail-breaking/rooting techniques; and c). the requirements for Apple Store is greater than with Google Play.
You need to take all of this with a grain of salt, but just remember that there are attack vectors no matter what environment you're using. Don't disregard good security practices while operating an iOS device.