Some jobs push to QA and some jobs push to Production.
Only devs should be allowed to push to QA and only QA should be allowed to push to production. Aside from making
You can use matrix-based security to achieve this.
You need Project-based Matrix Authorization Strategy in Global Configuration, and on the Job Configuration, use Enable Project-based Security.
It's all explained here
Standard Security Explained
You have to manage restrictions with the tools that Jenkins provides. If you have administrator status go to "Jenkins configuration" (picture 1) and then to "Manage and assign roles" (picture 2). Here you will see "Manage roles" and "Assign roles".
Use "Manage roles" to create/update roles and assign permissions to determined projects and also to manage the restrictions of each job. Use "Manage and Assign roles" to assign roles to users or to other groups.
Role/permission matrix:
Thus you can configure groups to administrate determined jobs, to execute other jobs or to simply have the ability to visit and see job details.
Now go to the job and add that user and choose read.
You can now see that the user has only access to that specific job
I just found the ownership based security method for doing per-job and per-node permissions. Not applicable in all situations but sometimes very useful - like when other teams are running few jobs on your team's instance.