Some jobs push to QA and some jobs push to Production.
Only devs should be allowed to push to QA and only QA should be allowed to push to production. Aside from making
You have to manage restrictions with the tools that Jenkins provides. If you have administrator status go to "Jenkins configuration" (picture 1) and then to "Manage and assign roles" (picture 2). Here you will see "Manage roles" and "Assign roles".
Use "Manage roles" to create/update roles and assign permissions to determined projects and also to manage the restrictions of each job. Use "Manage and Assign roles" to assign roles to users or to other groups.
Role/permission matrix:
Thus you can configure groups to administrate determined jobs, to execute other jobs or to simply have the ability to visit and see job details.