Hi,
You can easily achive this with the following method.
1. Create roles as per the need ( Engineer, TCT etc).
2. Map VLAN-10 to Engineer role, VLAN-20 to ICT role and so on..
3. Map these roles to each user accordingly in the internal database as shown bellow.
To Map VLAN to a role :
To map a role an user in internal DB :
Hope you got your solution, please feel free for any furhter help on this.