I feel it's well worth the $10/month I pay to know that all my work is "backed up" and that I'll never lose it (again). It gets backed up locally as well, but not offsite - that's part of why I use github. The other parts being it's a standard in the industry and pretty good at doing it's job! If you don't want people to be able to see your code, upgrade your account and make your repo(s) private.
Then, if an employer needs to see your work, you can either grant them full access to your project, or you just send them snippets from your codebase without sending them the whole thing. You have every right to tell an employer that no, you will not send the entire application but you can send snippets. If they can't respect that, that's a red flag right off the bat for me that they are a crappy (and potentially unethical) company.
On (and off) the internet, nothing is stopping someone from ripping/stealing your idea. If you feel strongly enough about it, you can seek legal counsel on how best to protect your idea.