You can have membership of groups managed through AD.
Basically let's say you have a Security Group in AD called "Service Desk Users". This Security Group contains numerous users that you want to provide specific Service Desk permissions to.
When you sync AD within the Service Desk you should find that the Group has been created and the membership updated. This will appear in your Groups list as <your domain>\Service Desk Users
What you then do is apply the permissions to that AD synced group.
However this implies that you are syncing the part of your AD that contains the Security Group and that you haven't set your syncing to only deal with user accounts. You can check these settings as follows:
To check sync settings:
1. Goto Admin > AD Servers
2. Click on the lightning bolt > Edit AD Server
3. Enter your AD elevated user password, then click Next
4. If you have "Entire Domain" selected this will sync everything in the AD server so no need to do anythng.
5. If you have "Organization Units" selected you will need to hand pick the OUs that contain the Groups you want to sync (and the OUs that contain the members as only syncing the Group won't help!).
6. If you make changes remember to hit Save.
To check user only sync setting:
1. Goto Admin > Portal > Master Settings
2. Under "Process Manager Active Directory Settings" there is a tick box called Sync Only Users.
3. Uncheck this box to sync AD Groups and remember to hit Save.
The out-of-the-box Groups can't be mapped back into AD but you can essentially re-create them and copy their permissions so members in the Groups will be able to carry out the same functions. The better way to do this is to update the Process to deal with your custom groups and not the default ones - this I can't help with as I haven't personally done it.