1.Yes, SharePoint Online is a good choice. You could create site collection first, store files in the site collection, then grant different users with different permissions.
2.You could store files in different libraries then grant users with different permissions for libraries. And you also could set unique permissions for single document.
References:
Customize permissions for a SharePoint list or library
6 locations can set security files SharePoint
3.You could sync SharePoint Online with local files through OneDrive.
If the response is helpful, please click "Accept Answer" and upvote it.