You can't.
Modifiing the local security policy can only be done by members of the local Administrators group. This restriction is implemented internally within Windows and there are no settings exposed by which to change it.
but [the service] needs to be able to give the newly created accounts permission to log in as a batch job.
Code that is creating or modifying permissions for other user accounts needs to be at least as privileged as the permissions being assigned. It's illogical to imagine a process that can grant privileges greater than the code itself has, because in fact the code already has said privileges by virtue of the fact it can grant them.
Due to the restrictions on editing the local security policy, it will be necessary to give your service administrative level permissions.