Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager

Re: LEM multiple appliances?


Multiple appliances would work, but the licensing might not be worth it, and you lose out on correlations: What if "Bad Thing" is only indicated by Event A and Event B, but Event A is getting reported to Engineering and Event B is going to IT?  LEM appliances don't chat to compare correlation notes (as of version 6.2).

 

matej's solution could work: create filters and dashboards (OpsCenter) for each team and set them as "Monitor" accounts.  Downside here is it means that you also get to create all the rules and alerts, since your Engineering and IT guys won't be able to modify the rules engine to set up their own notifications and alerts.

 

Also, the "Manage --> Nodes" screen is universal, so if they have access to that, they can see all the devices logging to the LEM.  If they have access to "Explore --> nDepth" they'll see events from any/all devices that match their search criteria.  There isn't a way to lock a user out of search results if they have access to nDepth in LEM.

 

Just trying to give some more info for consideration.

