While probably not the answer you're looking for, find an outside company to do it. You're too close to the systems that you'll either ignore some things you see, or think it's not an issue. By having an outside 3rd party doing to the assessment, you get a semi-impartial view of the systems.
I say semi-impartial, because there are groups out there that will do the scans and then try to sell you their support or service to help you fix the problems.
However, that's not to say you shouldn't get the skills yourself. Don't practice on your production systems, even if your test lab is a desktop that can run virtual software, and look in to Nessus and other vulnerability scanners.