Hi,
If the Security teams want implement the 3 tiers administration model , it's recommended to remove domain admins group on local administrators on each server and computer in tiers 1 and tiers 2.
To get more details about 3 tiers model you can refer to the following link : use-microsofts-active-directory-tier-administrative-model
Before performing this action , you should check if there is any service account member of domain admins already used to run a scheduled task or service in member server.
Please don't forget to mark helpful reply as answer