Apologies for the direct approach but I see there is a similar issues you are dealing with an I am have more or less the same issue.
I am provisioning an AAD Guest User (third party vendor), adding to AAD Security Group which is associated in Salesforce SSO and with profile (down from Salesforce to AAD).
This issue is that the User gets created AAD >> Salesforce but not with the correct profile as intended.
Am I missing any particular attribute?
Your assistance is highly appreciated.