You can secure the userid and password in several ways if you do not use trusted transfer option in XCOM.
XCOM™ Data Transport® for z/OS
1. Remove Parameters USERID= and PASSWORD= fron the SYSIN01 and store it in a separate member.
Then concatenate that member behind DD-Card SYSIN01 as follows:
//SYSIN01 DD *
IPNAME=nnn.nnn.nnn.nnn
IPPORT=8044
TYPE=SEND
FILETYPE=FILE
FILEOPT=REPLACE
LFILE=AAA.BBB.CCC
FILE=/aaa/bbb/ccc.txt
...
/*
// DD DISP=SHR,DSN=DDD.EEE.FFF(USERPASS)
2. You can encrypt the password in that member by using the XCOMENCR job provided in the CBXGLOAD dataset.
This will replace the readeable password by an encrypted one. XCOM is able to interpret that encrypted password.
3. You can restrict access to the dataset (in this example 'DDD.EEE.FFF') to a small number of users.