What other options are there to secure connection strings and not commit them to version control when using a Worker Role apart from encrypting ServiceConfiguration.Cloud.cscfg - if that is even possible?
Web Apps have accessible variables in the portal - that seems not to be the case with Worker Roles.
Cloud Services, part of which Worker role are, do have Settings exposed in the portal and they can be changed just as in App Service WebApps. You cannot encrypt .cscfg on the cloud. You can have them encrypted locally, but you have to decrypt them before you do a deployment.
If you want to secure your connection strings and sensitive data, you could do that by using Azure KeyVault. Then you can protect your connection strings or other sensitive values and retrieve them from the vault in a secure way within your application.