You can give variables the same name and scope to each to its respective Environment to get exactly what you want. http://docs.octopusdeploy.com/display/OD/Variables
Taking a step back, you could also revisit Windows Authentication\NTLM integrated security for ACLs, NTFS permissions, database access and such. If this is an IIS Application Pool, for example, you can look into granting the Windows Domain machine account access, if it is using Network Service. See the bottom of this page https://www.iis.net/learn/manage/configuring-security/application-pool-identities