I thought it might be interesting to weigh in a little here, as someone in the security industry. Anti-virus products serve as excellent defenders against certain attack vectors, such as email, and web downloads. However, they are only so good at defending your system from new and emerging attack vectors.
The way antivirus programs work, is they look at malicious file signatures. Those signatures can range from a file hash (bad antivirus programs use this), machine code heat mapping, and file names. If the malware is new, and unregistered, then the antivirus will not catch it.
The best way to keep yourself protected is to make sure your machine has all of the latest updates installed. Every patch contains security fixes for things that range from remote code execution to privilege escalation. You can find a list of those fixes for Apple products and software here:
https://support.apple.com/en-us/HT201222
To be clear, there is a difference between being on the bleeding edge (latest hardware / latest OS) and being up to date in security updates. Apple's support policy is that they provide security updates for the latest OS and the two previous versions. This means currently Mojave, High Sierra, and Sierra receive fixes. If you are running an earlier OS to that, you are vulnerable to every Mac vulnerability that is discovered afterwards and never will get protection against it, except from an antivirus that may miss an obfuscated malware attack.
Common attacks these days are ransomware, which elevates it's privileges to System (kernel) and then encrypts your files, demanding money in exchange for decrypting them (supposedly, in practice most criminals never bother to decrypt or even to store decryption keys). MacOS is not immune to these attacks. The days of worms and viruses are behind us, and relying on the fact that worms and viruses are becoming less common as a source of confidence that you do not need to update your system or use an antivirus is blind to the ever-changing security landscape.
TL;DR - Antivirus is good, but installing security updates and staying on a supported OS is more important. Do both and you're in good shape, but you don't "need" an antivirus if you don't want one.