How CircleCI Checks Permissions
CircleCI mirrors permissions from your VCS provider: GitHub or BitBucket. Anyone who has admin access to your org there is an admin on CircleCI. Permissions are checked against the VCS for each page load.
An org admin is an Owner on Github and following at least one repo being built on CircleCI
You can read more about GitHub Permissions here (https://help.github.com/en/articles/permission-levels-for-an-organization)
An org admin is an Admin on Bitbucket and following at least one repo being built on CircleCI