@Ciyaresh 

I had a somewhat similar problem where i wanted to create a query for alerting on brute-force attempts against users in specific "high risk groups". A user then came up with this solution:
https://learnsentinel.blog/2021/07/04/enrich-hunting-with-data-from-ms-graph-and-azure-ad/ 

This way you can have a updated table of the high risk users from our AD, then you can join other tables to cross reference activity regarding changes to group membership. 

www.000webhost.com