johnjohn-Peter
Iron Contributor
Feb 26, 2025

Can we add an Office 365 dynamic group inside SharePoint site permissions?

If we create a dynamic Office 365 group which contains the users inside the HR department, and we assign this dynamic group read permission on a SharePoint site (directly or through a SharePoint group), will all the related users inside the HR dept get access to the SharePoint site? If the answer is yes, then what will happen if the user gets moved from the HR dept to, let's say, the finance dept, and hence out of the dynamic group? Will the user's permission inside SharePoint get removed as well, so the user can no longer access the SharePoint site?

Thanks

3 Replies

  • A bit late but thought I'd add some comments.

    • If you are using dynamic groups to control access to sensitive sites/libraries, etc. then you should make sure the rules for the dynamic groups work exactly as expected (you don't want any false positives that give incorrect people access to HR data as an example).
    • If a user moves to a different role and their details are updated in SAP (or other system) those changes may not be reflected in Active Directory for quite some time, if ever. In large companies it's difficult to manage synchronizing between your employment systems and AD. I'd be finding out exactly how the syncing works, how frequent, and exactly what properties.
    • If your SharePoint site is group connected you can change your Microsoft 365 group from Static to Dynamic, so it becomes a dynamic group. This will manage the Microsoft 365 Members dynamically based on the rules you set - the Owners will still be static.
  • Aravinda Rao
    Copper Contributor

    Dynamic groups are basically created to automatically include / exclude users who meet criteria like Department, Office Location, etc. The group is managed automatically, so as users meet the dynamic criteria, they will be granted access or removed from the SharePoint site accordingly. Important points to consider:

    Permissions Inheritance: If the site permissions are inherited from a parent site, you may need to break inheritance first to modify the permissions at the site level.

    Permissions Sync: Changes to the dynamic group (e.g., a member added or removed) will be reflected in the SharePoint site permissions, but it may not reflect immediately.

    See if this guide helps. 

    https://blog.atwork.at/post/Dynamic-groups-accessing-SharePoint-Online

  • lgonyea
    Iron Contributor

    That is correct. If the user's profile updates to change departments and the Dynamic Group is only looking for HR, then once the profile changes, the user no longer meets the criteria and is removed, hence losing access.
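
One way to check the two concerns raised in the replies above (a rule that lets in the wrong people, and department values that lag behind a move), as an added example that is not part of the original thread. It uses the Microsoft Graph PowerShell SDK; the group name `HR-Dynamic` and the department value `HR` are assumptions to replace with your own.

```powershell
# Added example: audit a dynamic group against the attribute its rule selects on.
# Assumed values (not from the thread): group display name and expected department.
$GroupName          = 'HR-Dynamic'
$ExpectedDepartment = 'HR'

Connect-MgGraph -Scopes 'Group.Read.All','User.Read.All'

$group = @(Get-MgGroup -Filter "displayName eq '$GroupName'" `
    -Property 'id,displayName,groupTypes,membershipRule,membershipRuleProcessingState')
if ($group.Count -ne 1) { throw "Expected exactly one group named '$GroupName', found $($group.Count)." }
$group = $group[0]
if ($group.GroupTypes -notcontains 'DynamicMembership') { throw "'$GroupName' is not a dynamic group." }

# Show the rule and whether it is being evaluated at all ('On') or is 'Paused'.
"Rule : $($group.MembershipRule)"
"State: $($group.MembershipRuleProcessingState)"

# Current members that are users, with the attributes the audit needs.
$members = @(Get-MgGroupMember -GroupId $group.Id -All |
    Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.user' } |
    ForEach-Object { Get-MgUser -UserId $_.Id -Property 'id,userPrincipalName,department,accountEnabled' })

# Every directory user whose department currently has the expected value.
$shouldMatch = @(Get-MgUser -All -Filter "department eq '$ExpectedDepartment'" `
    -Property 'id,userPrincipalName,department,accountEnabled')

# Members who hold access but do not carry the expected department:
# either the rule is broader than intended or membership has not been re-evaluated yet.
$unexpected = $members | Where-Object { $_.Department -ne $ExpectedDepartment }

# Users with the expected department who are not (yet) members.
$missing = $shouldMatch | Where-Object { $_.Id -notin $members.Id }

$report = @(
    $unexpected | Select-Object @{n='Finding';e={'MemberWithoutExpectedDepartment'}},
        UserPrincipalName, Department, AccountEnabled
    $missing    | Select-Object @{n='Finding';e={'ExpectedDepartmentButNotMember'}},
        UserPrincipalName, Department, AccountEnabled
)
$report | Format-Table -AutoSize
"Members: $($members.Count)  Unexpected: $(@($unexpected).Count)  Missing: $(@($missing).Count)"
```

Running it right after a test user's department is changed, and again later, shows how long the group (and therefore the site permission) takes to catch up in your tenant.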
