IT Auditor

Domtar is a leading producer of pulp, paper, packaging, tissue and wood products. Through our focus on safety and sustainability, as well as our commitment to operational excellence and our network of facilities across Canada and the United States, Domtar delivers high-quality and cost-effective products to customers around the world.

Our workforce is comprised of 14,000 talented and hardworking individuals. We are proud to offer competitive compensation, a supportive working environment, rewarding career paths and plenty of opportunities for learning and growth.

The location in Montreal, (Quebec, Canada), is seeking talent to fill the position of IT Auditor. This job is full-time permanent.

Overview: Reporting to the Assistant Manager, IT Audit, you will act as an independent partner in assessing the effectiveness of the organization’s IT governance, risk management, and internal control processes. You will contribute to the execution of the IT audit plan under the supervision of audit management. Your strong understanding of IT processes, IT risks, and cybersecurity will be leveraged to perform testing, formulate practical recommendations, and follow up on remediation plans. In addition, you will participate in IT compliance reviews in accordance with company policies and procedures and Sarbanes-Oxley (SOX) requirements.

You will leverage data analytics and artificial intelligence tools to enhance audit efficiency, identify trends and anomalies, and detect risks within the organization’s systems, controls, and processes. Finally, you will also have the opportunity to develop your skills while contributing to the continuous improvement of the internal audit department’s methods and practices.

Your challenges:

• Execute risk-based IT audit engagements in alignment with the annual audit plan.
• Evaluate and test IT General Controls (ITGCs), particularly in a SOX compliance context.
• Analyze data using analytics tools to identify trends, anomalies, and potential risks.
• Document audit procedures, findings, and recommendations clearly and concisely.
• Provide practical, risk-based recommendations to improve systems, processes, and controls.
• Assess remediation plans developed by IT teams and monitor their implementation.
• Support ad hoc audit or advisory engagements as required.
• Contribute to continuous improvement of audit methodologies, tools, and practices, including automation and data-driven auditing.
• Build and maintain strong relationships with stakeholders to support effective communication on risks and controls.

Your skills:

• Strong analytical and problem-solving skills, with the ability to interpret and leverage data to support findings and recommendations.
• Critical thinking and attention to detail
• Strong organizational skills, and adaptability to evolving technological environments.
• Proficiency in data analytics tools (e.g., Excel, Power BI, Tableau, Python, ACL or similar).
• Good understanding of IT risks, cybersecurity principles, and control frameworks.
• Excellent written and verbal communication skills, including report writing and presentation.
• Ability to communicate complex concepts in a clear, concise, and persuasive manner.
• Adaptability and willingness to learn new technologies and business processes.

Your Profile:

• University degree in Computer Science, Information Systems, Information Technology, Accounting, or a related field.
• Minimum of 3 years of relevant experience in IT audit, IT risk, or a related field.
• Professional certifications such as CISA, CRISC, CPA, CIA, CISM, CISSP, or CFE are considered an asset.
• Knowledge of ERP systems, databases, operating systems, and security controls (e.g., SAP, JD Edwards, Windows, Linux).
• Basic understanding of SOX compliance requirements is an asset.
• Bilingual in English* and French (spoken and written).

What we are offering

• Competitive salary and annual bonus 
• At least three weeks of vacation and three floating holidays a year from the first day of work, depending on your experience
• Full range of group insurance from the first day of work
• Telemedicine services
• Defined-contribution pension plan with generous employer participation from the first day of work
• Employee and family assistance program
• Education assistance program
• Hybrid workplace: in-person and remote work
• Work environment based on respect, inclusion and diversity
• Office accessible by public transit

(*) English bilingual: If listed, this qualification is required since this function requires regular verbal and/or written interaction with customers, partners and/or our American subsidiaries.

Domtar is firmly committed to placing greater emphasis on the principles of equity, diversity and inclusion to empower all employees to reach their full potential. We form a dynamic team whose diverse backgrounds and wealth of perspectives are one of the keys to our success. We offer an inclusive, rewarding and safe work environment with opportunities that will help grow your skills.

To learn more about our company, consult the Domtar Company Web Site and follow us on LinkedIn, Instagram and Twitter.

#LI-Hybrid

22806
[[titleNOC]]
Information Technology