What are you protecting against?
You've enabled TDE at the data warehouse level, but what about the source systems? What's stopping someone going to source and getting all your data?
You need to go back and work from the ground up, if the source systems don't need TDE why does the data warehouse. Source is just as if not more so important, without it you have no DW, you have no business as you can't operate without the source.
Things to look at securing the cube would be row level security. Same at the engine layer. Potentially dynamic data masking at the engine layer. Using schemas and groups and views and everything else to create marketing views to see only marketing data, sales views to see only sales data etc then depending on groups you can select from the right views.
But again "it depends" on what is actually needed, what you are actually protecting against as to the solution you need to follow.