Use multiple roles. I agree with Elliot this should be justified because it's a PIA for administration, but I'd just create new roles, perhaps one for each table if needed, and grant rights to the roles, dropping people in those roles.

To simplify, I'd actually use AD groups and stick multiple roles (tables) with an AD Group (AD Group has multiple roles). Then the "table" security management is handled by the security group that puts people into the proper roles (or removes them).