mphalak,
You can give the one group the admin role and not the other. There is not right management for only scans but the scan feature is part of the admin role. So you could give the IT Infr the Admin role and not the other group. The other option is if you know who in the IT Support role is supposed to have the scan right you could give them admin only as a single user. The ability to delete and modify nodes is a separate right which is call Node Management. Sorry it is not exactly the answer you are looking for but hoe it help.
Regards,
Adam Stephen
Loop 1 Systems
Remote Engineer Level 2
www.loop1systems.com