Hi @rmourey26,
_From: https://docs.openzeppelin.com/contracts/3.x/#usage_
To keep your system secure, you should always use the installed code as-is, and neither copy-paste it from online sources, nor modify it yourself.
You can use the PresetERC20MinterPauser as inspiration or you can extend from it. See: https://docs.openzeppelin.com/contracts/3.x/erc20#Presets
It really depends on your use case, whether to deploy an upgradeable contract or a non-upgradeable contract. Though you can't change a non-upgradeable contract to be upgradeable.
You can deploy as a non-upgradeable contract but you won't be able to change it to an upgradeable contract.
I recommend looking through:
Yes. You can give your Gnosis Safe control of any admin functions, including control of any upgrades.
See: https://docs.openzeppelin.com/learn/preparing-for-mainnet#key-management
Defender is great if you have any admin functions in your contracts or you need to securely automate calling your contract.