On the Job DSL wiki (https://github.com/jenkinsci/job-dsl-plugin/wiki/Script-Security) it states undr Groovy Sandboxing:

"All Job DSL methods are whitelisted by default, but Jenkins access control checks are applied."

However, when creating a freestyle job with the example from (https://jenkinsci.github.io/job-dsl-plugin/#path/javaposse.jobdsl.dsl.DslFactory.pipelineJob-definition-cps) as the DSL script, and running as an appropriately authorised user with sandboxing enabled, the following error message is displayed:

ERROR: Scripts not permitted to use method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object (javaposse.jobdsl.dsl.helpers.workflow.CpsContext readFileFromWorkspace java.lang.String)

The DSL for those interested:
pipelineJob('example') {
definition {
cps {
script(readFileFromWorkspace('project-a-workflow.groovy'))
sandbox()
}
}
}