This is something you can easily resolve with the granular permissions of SharePoint or OneDrive for Business. Both are excellent if you’re bought into the Microsoft ecosystem like Office 365. If security is a concern you can manage your own encryption key with Microsoft although this requires storing it on a Thales HSM and you need some knowledge of how this works.
Google offer a similar, slightly less secure, service with G Suite (formerly Google Apps). Again, it depends what your level of vendor lock-in is at the moment.
If true zero-knowledge encryption is what you’re after then Tresorit offer a service (not cheap) which has seamless sharing and granular permissions. It’s very popular in Europe amongst regulated companies but they’re a cloud-based provider. They incorporate Microsoft’s Digital Rights Management platform to control access to sensitive content and it’s a case of allocating files to different users whilst keeping everything encrypted at all times. Each user needs an account so there’s quite a bit of expense.
What you’re after Rob is a very commercial service. If you’ve got a big team then AxCrypt may be difficult because of the ‘Share Files’ feature. The benefit of AxCrypt is that it’s cheap and geared towards small companies. Bigger companies are better served by the vendors above but there comes a cost which may or may not be affordable for you.
As I said earlier – you don’t actually need file-level encryption providing your hard drives are fully encrypted. You only need file-level encryption when sharing the files externally.
I think keeping AxCrypt as a solution to encrypt files that are uploaded to the cloud, mailed on disks etc. is the best option for you – based on what you’ve said – and then using something like SharePoint locally to keep your files secure.